Disallow executing KDE Partition Manager as root.
Summary: Running GUI applications as root is a huge security risk. Especially the X server is not secured for that. Non-root applications can easily interact with a root running application and thus try to exploit simple bugs in either kate/kwrite itself or in the underlying libraries such as Qt, XLib or xcb. On Wayland the situation can be considered worse as the compositor is running as the normal user and is not protected to handle root windows. It can be rather trivial to attack the root running application from the compositor through interfaces such as scripting. This is not in the aim of the compositors to protect against. This change introduces a check whether the application is started as root before any interaction with X or Wayland happens, that is prior to creating the QApplication. If it is detected that we run as root, we exit and print information about how to properly edit an application in kwrite/kate as root. The text is deliberately not translated to keep the threat from running as root as low as possible. See also Differential Revision: https://phabricator.kde.org/D4634
parent cc73b6c9ce
commit cfa53f6d3c
src/main.cpp | 17
@ -32,10 +32,25 @@
|
|||
#include <KMessageBox>
|
||||
#include <KLocalizedString>
|
||||
|
||||
#include <config.h>
|
||||
#include "config.h"
|
||||
|
||||
#ifndef Q_OS_WIN
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
#include <iostream>
|
||||
|
||||
int Q_DECL_IMPORT main(int argc, char* argv[])
|
||||
{
|
||||
#ifndef Q_OS_WIN
|
||||
/**
|
||||
* Check whether we are running as root
|
||||
**/
|
||||
if (getuid() == 0) {
|
||||
std::cout << "Executing KDE Partition Manager as root is not possible." << std::endl;
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
QApplication app(argc, argv);
|
||||
|
||||
Kdelibs4ConfigMigrator migrate(QLatin1Literal("partitionmanager"));
|
||||
|
|
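Review bot: the refusal path at `if (getuid() == 0)` ends with `return 0;`, so a launcher or script sees a successful exit even though the program declined to run; return a non-zero status and write the message to `std::cerr` rather than `std::cout`. The check also only tests the real uid, so `geteuid()` should be checked as well to cover a binary started with an elevated effective uid. The commit message says information about how to run properly is printed, but the only text here is "Executing KDE Partition Manager as root is not possible." with no hint, so either add the intended guidance to the message or adjust the description. Minor style point: the `/** ... **/` block reads as a Doxygen comment on a statement inside `main`; a plain `//` comment fits better.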