D4997: Support for long running kcheckpass supporting multiple authentications

Martin Gräßlin noreply at phabricator.kde.org
Sun Mar 26 19:44:35 UTC 2017


graesslin added inline comments.

INLINE COMMENTS

> subdiff wrote in authenticator.h:63
> Can we only use the enum class in Authenticator, instead of duplicating it here?

I don't like using enums defined in other classes. But moving it a level up into the namespace would be an option.

> subdiff wrote in kcheckpass.c:394
> Shouldn't we test this before we write the result to the socket (and then write an error as result)?

No, we need to support the setuid case. It is used by bsds and slackware. So we need to support general authentication. The break here is more a better safe than sorry thingy. Technically it would support the long running also in setuid. But I don't trust the code. So to decrease the attack surface we do an early exit.

REVISION DETAIL
  https://phabricator.kde.org/D4997

To: graesslin, #plasma
Cc: subdiff, plasma-devel, progwolff, lesliezhai, ali-mohamed, jensreuterberg, abetts, sebas, apol
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/plasma-devel/attachments/20170326/2aa3f0bf/attachment-0001.html>


More information about the Plasma-devel mailing list