D12513: CVE-2018-10361: privilege escalation
Albert Astals Cid
noreply at phabricator.kde.org
Mon May 28 21:43:19 UTC 2018
aacid added a comment.
I think it was agreed this is an improvement, so i'm going to suggest we commit it.
I'm definitely very short on time to spend here because someone added poppler to oss-fuzz and i've a pile of files that are crashing / causing bad behaviour on poppler to care for.
Once this is in, we should open a bug/phabricator task/wathever with what is missing and the recommendations to fix it.
Also not sure if useful but since kio is getting support for writting to "root owned" files we should investigate if maybe we can just simply drop this code altogether?
To: cullmann, dfaure
Cc: kwrite-devel, kde-frameworks-devel, mgerstner, aacid, ngraham, fvogt, cullmann, michaelh, kevinapavew, bruns, demsking, sars, dhaumann
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the KWrite-Devel