Features removed downstream out of security concerns
Luca Beltrame
lbeltrame at kde.org
Mon Apr 10 15:05:34 BST 2017
Hello,
this is tangential to the "workflow breaking" changes and is about the recently
landed Kauth support for ktexteditor[1]. In this case in openSUSE the change
will be reverted (it's not an if, it *will*) because of objections raised
during security audit[2].
In addition, a cursory glance from a member of the KDE team also showed two
potential race conditions in the code (see review for comments).
[1] https://phabricator.kde.org/D4847
[2] https://bugzilla.suse.com/show_bug.cgi?id=1033055
So, the fact that Kauth is used does not guarantee that the code is safe, or
that it is meaningful to allow specific actions. In this case, the security
team found this to be an abuse of polkit and has vetoed the inclusion. As we
want to keep shipping ktexteditor, we had no other chance but to remove the
feature.
So, in case security-sensitive features are planned, their scope should also
be considered.
--
Luca Beltrame - KDE Forums team
KDE Science supporter
GPG key ID: A29D259B