D14467: Auth Support: Drop privileges if target is not owned by root

Chinmoy Ranjan Pradhan noreply at phabricator.kde.org
Fri Jun 21 12:22:41 BST 2019


chinmoyr added inline comments.

INLINE COMMENTS

> maltek wrote in filehelper.cpp:133
> For `chown`, dropping privileges here means that the `chown` later can't succeed - it's not possible to 'gift' a file to another user. I think it should be handled more like `DEL/RMDIR/MKDIR` etc.

Ah! Since I was testing inside /opt I didn't notice. I think the order here should be: drop privilege -> change grp -> gain privilege -> change user.

> maltek wrote in filehelper.cpp:150
> I just realized that this wouldn't allow changing the owner of symbolic links. The way to go here is `lchown`.

Do you think it'll be a bad idea to skip the case for symlinks in utime, chmod, chown, for now? Right now there's no code in KIO that requires these operations to be performed on the link itself.

REPOSITORY
  R241 KIO

REVISION DETAIL
  https://phabricator.kde.org/D14467

To: chinmoyr, dfaure, ngraham, elvisangelaccio, #frameworks, #dolphin, maltek
Cc: maltek, mreeves, mgerstner, fvogt, kde-frameworks-devel, LeGast00n, michaelh, ngraham, bruns
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20190621/818588af/attachment.htm>


More information about the kfm-devel mailing list