D12795: Re-allow running Dolphin as the root user (but still not using sudo)
Nathaniel Graham
noreply at phabricator.kde.org
Sun May 20 20:12:00 BST 2018
ngraham added a comment.
In D12795#265616 <https://phabricator.kde.org/D12795#265616>, @graesslin wrote:
> > You would also have to run a malicious application which is quite unlikely if you stick to vendor packages (but sure, there probably is a very small chance that a malicious package lands in the dist repository).
>
> nope, sorry. The exploit I wrote would work through a drive-by download through an Internet browser. The world we live in sucks :-(
Has the security hole in the web browser that allowed the exploit been fixed?
REPOSITORY
R318 Dolphin
REVISION DETAIL
https://phabricator.kde.org/D12795
To: ngraham, markg, elvisangelaccio, #dolphin
Cc: chinmoyr, cfeck, elvisangelaccio, mmustac, Fuchs, markg, graesslin, nicolasfella, zzag, kfm-devel, emmanuelp, spoorun, navarromorales, isidorov, firef, andrebarros
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20180520/0e39bc7f/attachment.htm>
More information about the kfm-devel
mailing list