kio-admin in kdereview
Albert Astals Cid
aacid at kde.org
Thu Oct 13 21:32:31 BST 2022
El dijous, 13 d’octubre de 2022, a les 1:03:53 (CEST), Harald Sitter va
escriure:
> On Thu, Oct 13, 2022 at 12:46 AM Albert Astals Cid <aacid at kde.org> wrote:
> > Did I misunderstood the code? It looks like this run all of kio with root
> > powers?
>
> That is correct
That feels like a reasonably big no no with my security hat.
I'm relatively sure we have not audited all of KIO and it's dependencies to be
"running as root"-safe.
What's the use case of this against the kauth support in file_unix.cpp ?
Cheers,
Albert
More information about the kde-core-devel
mailing list