<table><tr><td style="">chinmoyr updated this revision to Diff 27483.<br />chinmoyr retitled this revision from "Limit the use of file.so for privilege operation to one application" to "Revoke authorization of file ioslave before it is used by another process".<br />chinmoyr edited the summary of this revision. <a href="https://phabricator.kde.org/transactions/detail/PHID-XACT-DREV-25bccjsbqymvkuf/" rel="noreferrer">(Show Details)</a><br />chinmoyr edited the test plan for this revision. <a href="https://phabricator.kde.org/transactions/detail/PHID-XACT-DREV-6coluepja3b3cfa/" rel="noreferrer">(Show Details)</a><br />chinmoyr added a dependency: D10641: Revoke temporary authorization of KIO slave before sending it to klauncher.<br />chinmoyr added a comment.
</td><a style="text-decoration: none; padding: 4px 8px; margin: 0 8px 8px; float: right; color: #464C5C; font-weight: bold; border-radius: 3px; background-color: #F7F7F9; background-image: linear-gradient(to bottom,#fff,#f1f0f1); display: inline-block; border: 1px solid rgba(71,87,120,.2);" href="https://phabricator.kde.org/D10437" rel="noreferrer">View Revision</a></tr></table><br /><div><div><p>Updated test plan</p></div></div><br /><div><strong>CHANGES TO REVISION SUMMARY</strong><div><div style="white-space: pre-wrap; color: #74777D;"><div style="padding: 8px 0;">...</div>This patch changes file ioslave to <span style="padding: 0 2px; color: #333333; background: rgba(251, 175, 175, .7);">not perform a</span><span style="padding: 0 2px; color: #333333; background: rgba(151, 234, 151, .6);">loose</span> privilege <span style="padding: 0 2px; color: #333333; background: rgba(251, 175, 175, .7);">operation if the application which is requesting the</span><span style="padding: 0 2px; color: #333333; background: rgba(151, 234, 151, .6);">before it is reused by another process</span><br />
<span style="padding: 0 2px; color: #333333; background: rgba(251, 175, 175, .7);">operation is different from the one that initially requested the operation. However, an exception is made if<br />
the request came after the expiration of temporary authorization.</span><span style="padding: 0 2px; color: #333333; background: rgba(151, 234, 151, .6);"> <br />
Depends on D10641</span></div></div></div><br /><div><strong>CHANGES TO TEST PLAN</strong><div><div style="white-space: pre-wrap; color: #74777D;"><span style="padding: 0 2px; color: #333333; background: rgba(151, 234, 151, .6);">Before testing set permission in org.kde.kio.file.policy to auth_admin_keep.<br />
<br />
create files /opt/{a,b}<br />
open kioslavetest<br />
delete /opt/a<br />
open ksysguard and send interrupt signal to kioslavetest<br />
again open kioslavetest<br />
delete /opt/b<br />
<br />
Without this patch "/opt/b" will be deleted but password won't be asked.<br />
With this patch kauth authentication dialog as well as other prompts are shown properly.</span></div></div></div><br /><div><strong>REPOSITORY</strong><div><div>R241 KIO</div></div></div><br /><div><strong>CHANGES SINCE LAST UPDATE</strong><div><a href="https://phabricator.kde.org/D10437?vs=27482&id=27483" rel="noreferrer">https://phabricator.kde.org/D10437?vs=27482&id=27483</a></div></div><br /><div><strong>BRANCH</strong><div><div>master</div></div></div><br /><div><strong>REVISION DETAIL</strong><div><a href="https://phabricator.kde.org/D10437" rel="noreferrer">https://phabricator.kde.org/D10437</a></div></div><br /><div><strong>AFFECTED FILES</strong><div><div>src/ioslaves/file/file_unix.cpp</div></div></div><br /><div><strong>To: </strong>chinmoyr, Frameworks, dfaure, fvogt<br /><strong>Cc: </strong>markg, anthonyfieroni, michaelh<br /></div>