<table><tr><td style="">chinmoyr created this revision.<br />chinmoyr added reviewers: Frameworks, dfaure, fvogt.<br />Restricted Application added a project: Frameworks.<br />chinmoyr requested review of this revision.
</td><a style="text-decoration: none; padding: 4px 8px; margin: 0 8px 8px; float: right; color: #464C5C; font-weight: bold; border-radius: 3px; background-color: #F7F7F9; background-image: linear-gradient(to bottom,#fff,#f1f0f1); display: inline-block; border: 1px solid rgba(71,87,120,.2);" href="https://phabricator.kde.org/D10437" rel="noreferrer">View Revision</a></tr></table><br /><div><strong>REVISION SUMMARY</strong><div><p>After successful authorization for privilege execution the whole session gets full root-level access via file.so.<br />
This patch changes file ioslave to not perform a privilege operation if the application which is requesting the<br />
operation is different from the one that initially requested the operation. However, an exception is made if<br />
the request came after the expiration of temporary authorization.</p></div></div><br /><div><strong>REPOSITORY</strong><div><div>R241 KIO</div></div></div><br /><div><strong>BRANCH</strong><div><div>master</div></div></div><br /><div><strong>REVISION DETAIL</strong><div><a href="https://phabricator.kde.org/D10437" rel="noreferrer">https://phabricator.kde.org/D10437</a></div></div><br /><div><strong>AFFECTED FILES</strong><div><div>src/core/simplejob.cpp<br />
src/core/slavebase.cpp<br />
src/core/slavebase.h<br />
src/ioslaves/file/file_unix.cpp</div></div></div><br /><div><strong>To: </strong>chinmoyr, Frameworks, dfaure, fvogt<br /><strong>Cc: </strong>michaelh<br /></div>