D14467: Auth Support: Drop privileges if target is not owned by root
Chinmoy Ranjan Pradhan
noreply at phabricator.kde.org
Fri Jun 21 12:22:41 BST 2019
chinmoyr added inline comments.
INLINE COMMENTS
> maltek wrote in filehelper.cpp:133
> For `chown`, dropping privileges here means that the `chown` later can't succeed - it's not possible to 'gift' a file to another user. I think it should be handled more like `DEL/RMDIR/MKDIR` etc.
Ah! Since I was testing inside /opt I didn't notice. I think the order here should be: drop privilege -> change grp -> gain privilege -> change user.
> maltek wrote in filehelper.cpp:150
> I just realized that this wouldn't allow changing the owner of symbolic links. The way to go here is `lchown`.
Do you think it'll be a bad idea to skip the case for symlinks in utime, chmod, chown, for now? Right now there's no code in KIO that requires these operations to be performed on the link itself.
REPOSITORY
R241 KIO
REVISION DETAIL
https://phabricator.kde.org/D14467
To: chinmoyr, dfaure, ngraham, elvisangelaccio, #frameworks, #dolphin, maltek
Cc: maltek, mreeves, mgerstner, fvogt, kde-frameworks-devel, LeGast00n, michaelh, ngraham, bruns
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20190621/818588af/attachment-0001.html>
More information about the Kde-frameworks-devel
mailing list