D10641: Revoke temporary authorization of KIO slave before sending it to klauncher
Chinmoy Ranjan Pradhan
noreply at phabricator.kde.org
Sun Feb 18 16:48:28 UTC 2018
chinmoyr created this revision.
chinmoyr added a reviewer: dfaure.
Restricted Application added a project: Frameworks.
Restricted Application added a subscriber: Frameworks.
chinmoyr requested review of this revision.
REVISION SUMMARY
An idle slave authorized for privilege operation can be easily misused.
This patch changes SlaveBase to revoke temporary authorization(s) of the slave before
sending it to klauncher.
Depends on D10568 <https://phabricator.kde.org/D10568> and D10638 <https://phabricator.kde.org/D10638>
TEST PLAN
1.An over-simplified version of how the slave is sent to klauncher:
2.SlaveBase calls `connectSlave(d->poolSocket)`
3.This in turn emits `newConnection`
4.In klauncher this signal connects to `acceptSlave` which creates a new IdleSlave.
5.Then `mConnectionServer` gets the connection backend of the Slave and sets it as the connection backed in IdleSlave.
6.IdleSlave then sends CMD_SLAVE_STATUS command and gets Slave's details. (pid, protocol etc)
7.kaluncher then stores this IdleSlave.
REPOSITORY
R241 KIO
BRANCH
master
REVISION DETAIL
https://phabricator.kde.org/D10641
AFFECTED FILES
src/core/CMakeLists.txt
src/core/slavebase.cpp
src/core/slavebase.h
To: chinmoyr, dfaure
Cc: fvogt, #frameworks, michaelh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20180218/6775e818/attachment-0001.html>
More information about the Kde-frameworks-devel
mailing list