D12795: Re-allow running Dolphin as the root user (but still not using sudo)

Nathaniel Graham noreply at phabricator.kde.org
Sun May 20 18:38:14 BST 2018


ngraham added inline comments.

INLINE COMMENTS

> graesslin wrote in main.cpp:47
> Honestly I don't think we need to support that. If a user really wants that they can patch dolphin. We don't have to support every user wish. If I would have supported every user wish KWin would be an unmaintainable monster.
> 
> Also I think it's a really stupid idea to run the session as root. Yes users might do that but we are not obliged to support their crazy ideas. (That reminds me: I need to patch kwin_wayland to disallow running as root)
> 
> Security and usability are always in direct competition to each other. Sometimes it's important to lean more towards security and sometimes it's important to go more towards usability. The usability gain here is rather low while at the same time it's a security risk. The improvement you suggest here only benefits a very small subset of our user group (most distros just don't allow logging in as root anyway). Given that I would say that this is a case that the benefits for security are more important than the benefits for usability.

If you're *already* using a root session, what *additional* security is gained by preventing the use of the file manager? Couldn't malicious software own your terminal too?

I know you're against root session use. I'm not in favor of it myself. But IMHO it's not our job as DE providers to make this decision for our users or their distros. This change has broken Kali, a popular KDE-using distro. openSUSE has already patched it out. Kali may eventually have to patch it out too, or switch to another DE. I assume that's not what we want...

Ultimately Dolphin's maintainer should make the call, but I really think that this is a case where we shouldn't destroy a part of the user experience in the interests of security. We shouldn't take the lazy way out of just saying, "access blocked, too bad, my job is finished." That's not in line with the focus on Usability and Productivity that the KDE community has voted on. With this patch, I've tried to moderate the security check by re-allowing a use case that does not actually represent an additional security vulnerability, while preserving the original intention. I will let the Dolphin maintainers make the call in the end.

REPOSITORY
  R318 Dolphin

REVISION DETAIL
  https://phabricator.kde.org/D12795

To: ngraham, markg, elvisangelaccio, #dolphin
Cc: cfeck, elvisangelaccio, mmustac, Fuchs, markg, graesslin, nicolasfella, zzag, kfm-devel, emmanuelp, spoorun, navarromorales, isidorov, firef, andrebarros