D12795: Re-allow running Dolphin as the root user (but still not using sudo)

Mark Gaiser noreply at phabricator.kde.org
Sun May 20 20:57:57 BST 2018 

markg added a comment.


  In D12795#265634 <https://phabricator.kde.org/D12795#265634>, @ngraham wrote:
  
  > In D12795#265631 <https://phabricator.kde.org/D12795#265631>, @graesslin wrote:
  >
  > > The ideas of sandbox baloo_file_extractor are after all based on my sandboxing for kscreenlocker.
  >
  >
  > Then could you help review it, at least?
  >
  > In D12795#265631 <https://phabricator.kde.org/D12795#265631>, @graesslin wrote:
  >
  > > I never used an exploit. What I would use is the chrome to download behavior. That is not fixed, it's still the default.
  >
  >
  > Ah, so the problem is that the user actually //opened// a malicious file. On macOS at least, Finder prompts the user before they can open a file that was auto-downloaded. Perhaps we need to do the same.
  >
  > In D12795#265619 <https://phabricator.kde.org/D12795#265619>, @graesslin wrote:
  >
  > > baloo is just one example. Every program on the user's system can be abused to it. You can also hope that the user just clicks it. Download a video, which uses a vulnerability in vlc, download a zip file which uses a vulnerability in gzip. There are just so many ways. All you need is a simple bug in an application.
  >
  >
  > Sounds like you've just described why security is hard. :) You've also described the proper response to a security threat: doing the hard work to harden apps, not the easy and lazy approach of simply disabling a feature that's potentially vulnerable to them. It's not like we should disable opening videos in VLC or zip files in Ark just because there are security vulnerabilities.
  >
  > Since you've said you prefer to stay in the KWin world, ultimately this is the Dolphin maintainers' decision. We've heard lots of arguments on both sides, now I think it's fine for someone with some authority here to make a decision. However I would note that while not a maintainer, I'm someone who's actively involved in Dolphin's development and who submits a lot of patches, so I hope that counts for more than nothing.
  
  
  That would be @emmanuelp .
  While he is the maintainer, the most active one currently seems to be @elvisangelaccio (by just looking over the past ~3 commit pages https://cgit.kde.org/dolphin.git/log/src).
  
  For the record, this initial change of disallowing dolphin as root should have never been merged with the reason to keep things in "sync" with kate and no further discussion on dolphin for this at all.
  Kate != Dolphin, different use cases and different considerations.

REPOSITORY
  R318 Dolphin

REVISION DETAIL
  https://phabricator.kde.org/D12795

To: ngraham, markg, elvisangelaccio, #dolphin
Cc: chinmoyr, cfeck, elvisangelaccio, mmustac, Fuchs, markg, graesslin, nicolasfella, zzag, kfm-devel, emmanuelp, spoorun, navarromorales, isidorov, firef, andrebarros
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20180520/01330f25/attachment.htm>

More information about the kfm-devel mailing list