[krita] [Bug 506889] Task injection vulnerability in Krita
vanyossi
bugzilla_noreply at kde.org
Fri Jul 11 21:15:58 BST 2025
https://bugs.kde.org/show_bug.cgi?id=506889
vanyossi <ghevan at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REPORTED |NEEDSINFO
Resolution|--- |WAITINGFORINFO
--- Comment #4 from vanyossi <ghevan at gmail.com> ---
ok, ran the test using sandboxed krita.app (from the store)
this are the results
daedalus at dinamus:krita/test_files/task_allow $ ./inject_krita
2025-07-11 14:10:47.248 inject_krita[38057:3650901] [*] Searching for Krita
process...
2025-07-11 14:10:47.258 inject_krita[38057:3650901] [+] Found Krita with PID:
37960
2025-07-11 14:10:47.258 inject_krita[38057:3650901] [+] Attempting to get task
port...
2025-07-11 14:10:47.258 inject_krita[38057:3650901] [-] Failed to get task for
pid 37960: 5 (0x5)
The entitlement does not break the sandbox.
however it also does not work running krita installed from our website, neither
running any dev build.
I followed the exact steps from this report.
What could be missing?
--
You are receiving this mail because:
You are watching all bug changes.
More information about the kde-mac
mailing list