D5394: KAuth integration in document saving - vol. 2

Martin Kostolný noreply at phabricator.kde.org
Sun Apr 30 00:22:03 UTC 2017


martinkostolny updated this revision to Diff 14013.
martinkostolny added a comment.


  Thanks for noticing the security issues! And sorry for the pause. Here is an updated diff which should ensure QFile is using a relative path. I've managed to reduce the use of absolute paths to this state - strace (saving privileged example2.txt file inside ~/Downloads):
  
    chdir("/home/kotelnik/Downloads")       = 0
    stat("example2.txt", {st_mode=S_IFREG|0640, st_size=1085659, ...}) = 0
    getcwd("/home/kotelnik/Downloads", 4096) = 25
    getpid()                                = 3343
    open("/home/kotelnik/Downloads/example2.txt.TJ3343", O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC, 0600) = 10
    fcntl(10, F_SETFD, FD_CLOEXEC)          = 0
    lseek(10, 0, SEEK_SET)                  = 0
    close(10)                               = 0
    open("/tmp/kate.nS3280", O_RDONLY|O_CLOEXEC) = 10
    fcntl(10, F_SETFD, FD_CLOEXEC)          = 0
    fstat(10, {st_mode=S_IFREG|0600, st_size=1085661, ...}) = 0
    open("example2.txt.TJ3343", O_RDWR|O_CREAT|O_CLOEXEC, 0666) = 11
    [...]
    stat("example2.txt", {st_mode=S_IFREG|0640, st_size=1085659, ...}) = 0
    access("example2.txt", R_OK)            = 0
    access("example2.txt", W_OK)            = 0
    access("example2.txt", X_OK)            = -1 EACCES (Permission denied)
    chmod("example2.txt.TJ3343", 0640)      = 0
    fchown(11, 33, 33)                      = 0
    rename("example2.txt.TJ3343", "example2.txt") = 0
  
  One not-nice part in the code is opening and immediately closing the QTemporaryFile (the only use of an absolute path). Then tempFile is opened again with a relative path and written to like before. I wanted to make use of the convenient way of creating a unique temporary filename. Other suggestions are welcome :).
  
  Regarding parallel KAuth actions, I didn't manage to understand the KAuth code enough to make a fix myself. So here come 2 bug reports:
  
  - https://bugs.kde.org/show_bug.cgi?id=379215
  - https://bugs.kde.org/show_bug.cgi?id=379216

REPOSITORY
  R39 KTextEditor

CHANGES SINCE LAST UPDATE
  https://phabricator.kde.org/D5394?vs=13621&id=14013

REVISION DETAIL
  https://phabricator.kde.org/D5394

AFFECTED FILES
  src/buffer/katesecuretextbuffer.cpp
  src/buffer/katesecuretextbuffer_p.h
  src/buffer/katetextbuffer.cpp
  src/buffer/katetextbuffer.h

To: martinkostolny, #ktexteditor, fvogt
Cc: elvisangelaccio, aacid, ivan, lbeltrame, fvogt, apol, anthonyfieroni, cullmann, ltoscano, dhaumann, graesslin, davidedmundson, palant, kwrite-devel, dfaure, #frameworks, head7, kfunk, sars
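
The save sequence in the strace above (exclusive create of a temporary file, write, set mode and owner, rename over the target) can also be done with every path resolved against one directory descriptor and the temporary file never reopened by name. This is an added example, not code from the KTextEditor revision; `save_in_dir`, the temp-name pattern and the sample directory are hypothetical.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
/* Added example: replace `name` inside `dir` atomically. Returns 0, or -1 with errno set. */
int save_in_dir(const char *dir, const char *name,
                const void *data, size_t len, mode_t mode)
{
    char tmp[256];
    const char *p = data;
    int fd = -1, rc = -1;
    /* Accept a bare file name only, so the target cannot leave `dir`. */
    if (!*name || strchr(name, '/') || strlen(name) > 200) { errno = EINVAL; return -1; }
    /* Pin the directory once; every later call is relative to this descriptor. */
    int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (dfd < 0) return -1;
    /* O_EXCL fails if the temp name already exists, including as a symlink. */
    for (unsigned i = 0; i < 100 && fd < 0; i++) {
        snprintf(tmp, sizeof tmp, "%s.%ld.%u.tmp", name, (long)getpid(), i);
        fd = openat(dfd, tmp, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, 0600);
        if (fd < 0 && errno != EEXIST) break;
    }
    if (fd < 0) goto out;
    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0 && errno == EINTR) continue;
        if (n < 0) goto fail;
        p += n; len -= (size_t)n;
    }
    /* Metadata goes through the descriptor; a privileged helper would also fchown(fd, ...) here. */
    if (fchmod(fd, mode) < 0 || fsync(fd) < 0) goto fail;
    if (renameat(dfd, tmp, dfd, name) == 0) { rc = 0; goto out; }
fail:
    { int e = errno; unlinkat(dfd, tmp, 0); errno = e; }
out:
    if (fd >= 0) close(fd);
    close(dfd);
    return rc;
}

int main(void) {
    char dir[] = "/tmp/save-demo-XXXXXX";   /* constructed sample directory */
    if (!mkdtemp(dir)) return 1;
    return save_in_dir(dir, "example2.txt", "hello\n", 6, 0640) ? 1 : 0;
}
```

Because the descriptor returned by the exclusive create is the one that gets written, chmod-ed and renamed, a file swapped in under the temporary name after creation never receives the data or the permissions.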