D4847: KAuth integration in document saving
Martin Kostolný
noreply at phabricator.kde.org
Tue Mar 21 17:48:32 UTC 2017
martinkostolny added a comment.
> it should work as it is now, or I am mistaken?
I believe the latest diff update is indeed making use of atomic rename. I will roughly summarize what the code currently does:
1. First try to open QSaveFile, if succeeded -> finish writing as before the patch
2. If opening QSaveFile fails KAuth action is called for creation of a temporary file in the same directory as the original target file
3. Then writing to this file is performed as regular user (same as before the patch)
4. Finally, second KAuth action is called to atomically rename the temporary file
Owner and group is taken care of. Atomic rename is used only for Unix. On Windows there is a fallback using another QSaveFile which is also atomic when renaming but there is otherwise useless file copy beforehand. From my (non-expert) point of view this fallback is the only thing that needs fixing right now. But I currently cannot do that, it seems to me that it can be done later, too.
> I am no security expert.
Me neither. OK let's wait for somebody better qualified for this task :).
REPOSITORY
R39 KTextEditor
REVISION DETAIL
https://phabricator.kde.org/D4847
To: martinkostolny, dhaumann, #ktexteditor
Cc: apol, dfaure, anthonyfieroni, cullmann, ltoscano, dhaumann, graesslin, davidedmundson, palant, kwrite-devel, #frameworks, head7, kfunk, sars
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20170321/191de2f7/attachment.html>
More information about the Kde-frameworks-devel
mailing list