D10437: Limit the use of file.so for privilege operation to one application

Fabian Vogt noreply at phabricator.kde.org
Sun Feb 11 13:17:44 UTC 2018


fvogt added a comment.


  In D10437#204413 <https://phabricator.kde.org/D10437#204413>, @chinmoyr wrote:
  
  > In D10437#204382 <https://phabricator.kde.org/D10437#204382>, @fvogt wrote:
  >
  > > In D10437#204377 <https://phabricator.kde.org/D10437#204377>, @chinmoyr wrote:
  > >
  > > > The whole work is being done inside KIO::Job. If the application uses regular Jobs then I can't see how it can fake it.
  > >
  > >
  > > By not using KIO or using a modified KIO. Never assume you can trust anything you get sent.
  >
  >
  > Going by this logic, it seems any attempt at providing security from the job's side is pointless.
  
  
  It is.
  
  > So how about moving the handling of prompts to the slave's side? At least we can be sure a prompt will be shown all the time.
  
  Sounds good. Once polkit granted file.so authorized access to the helper, it needs to be treated as a privilege boundary, so it needs to prompt.

REPOSITORY
  R241 KIO

REVISION DETAIL
  https://phabricator.kde.org/D10437

To: chinmoyr, #frameworks, dfaure, fvogt
Cc: markg, anthonyfieroni, michaelh