andrius
/
kpmcore
1
0
Fork 0
Code Pull Requests Releases Activity

Compare commits

base: andrius:6b260fa84e75944fd15c3fff1a77723086af2038
Branches Tags
andrius:master
andrius:release/21.04
andrius:release/20.12
andrius:raid-support
andrius:4.0
andrius:3.2
andrius:v20.12.3
andrius:v20.12.2
andrius:v20.12.1
andrius:v20.12.0
andrius:v20.11.90
andrius:v20.11.80
andrius:v4.2.0
andrius:v4.1.0
andrius:v4.0.1
andrius:v4.0.0
andrius:v3.80.0
andrius:v3.3.0
andrius:v3.2.1
andrius:v3.2.0
andrius:v3.1.2
andrius:v3.1.1
andrius:v3.1.0
andrius:v3.0.3
andrius:v3.0.2
andrius:v3.0.1
andrius:v3.0.0
andrius:v2.9.90
andrius:v2.2.1
andrius:v2.2.0
andrius:v2.1.1
andrius:v2.1.0
andrius:v2.0.2
andrius:v2.0.1
andrius:v2.0.0
andrius:v1.9.50
..
compare: andrius:76ede03bd22aa44695a0f95a95c2edf46690b0e2
Branches Tags
andrius:master
andrius:release/21.04
andrius:release/20.12
andrius:raid-support
andrius:4.0
andrius:3.2
andrius:v20.12.3
andrius:v20.12.2
andrius:v20.12.1
andrius:v20.12.0
andrius:v20.11.90
andrius:v20.11.80
andrius:v4.2.0
andrius:v4.1.0
andrius:v4.0.1
andrius:v4.0.0
andrius:v3.80.0
andrius:v3.3.0
andrius:v3.2.1
andrius:v3.2.0
andrius:v3.1.2
andrius:v3.1.1
andrius:v3.1.0
andrius:v3.0.3
andrius:v3.0.2
andrius:v3.0.1
andrius:v3.0.0
andrius:v2.9.90
andrius:v2.2.1
andrius:v2.2.0
andrius:v2.1.1
andrius:v2.1.0
andrius:v2.0.2
andrius:v2.0.1
andrius:v2.0.0
andrius:v1.9.50

No commits in common. "6b260fa84e75944fd15c3fff1a77723086af2038" and "76ede03bd22aa44695a0f95a95c2edf46690b0e2" have entirely different histories.
6b260fa84e ... 76ede03bd2

10 changed files with 7 additions and 53 deletions
Show Stats Expand all files Collapse all files

5
.reuse/dep5
View File

@ -17,8 +17,3 @@ Copyright: 2020 KDE translators
Files: src/util/org.kde.kpmcore.helperinterface.conf
License: MIT
Copyright: 2018 Andrius Štikonas <andrius@stikonas.eu>
# Just list of directories
Files: src/util/trustedprefixes
License: CC0-1.0
Copyright: None

5
CMakeLists.txt
View File

@ -17,13 +17,10 @@ project(kpmcore VERSION ${RELEASE_SERVICE_VERSION})
set(SOVERSION "12")
add_definitions(-D'VERSION="${RELEASE_SERVICE_VERSION}"') #"
set(CMAKE_USE_RELATIVE_PATHS OFF)
set(CMAKE_BUILD_WITH_INSTALL_RPATH ON)
# Note that KPMcore is restricted to only run binaries installed into trusted prefixes
# See src/util/trustedprefixes
# By default this is set to / and /usr which is good for majority of distros
# Dependencies
set(QT_MIN_VERSION "5.15.0")
set(KF5_MIN_VERSION "5.90")

4
src/plugins/dummy/pmdummybackendplugin.json
View File

@ -40,7 +40,7 @@
],
"Category": "BackendPlugin",
"Description": "A KDE Partition Manager dummy backend for testing purposes.",
"Description[ca@valencia]": "Un dorsal fals per al gestor de particions de KDE amb la finalitat de fer proves.",
"Description[ca@valencia]": "Un dorsal fals per al gestor de particions del KDE amb la finalitat de fer proves.",
"Description[ca]": "Un dorsal fals per al gestor de particions del KDE amb la finalitat de fer proves.",
"Description[cs]": "Falešná podpůrná vrstva pro správce diskových oddílů KDE pro testovací účely.",
"Description[da]": "En KDE-partitionshåndtering med attrap-backend til testformål.",
@ -75,7 +75,7 @@
"Id": "pmdummybackendplugin",
"License": "GPL",
"Name": "KDE Partition Manager Dummy Backend",
"Name[ca@valencia]": "Dorsal fals del gestor de particions de KDE",
"Name[ca@valencia]": "Dorsal fals del gestor de particions del KDE",
"Name[ca]": "Dorsal fals del gestor de particions del KDE",
"Name[cs]": "Podpůrná vrstva pro správce diskových oddílů pro KDE",
"Name[da]": "KDE-partitionshåndtering med attrap-backend",

4
src/plugins/sfdisk/pmsfdiskbackendplugin.json
View File

@ -40,7 +40,7 @@
],
"Category": "BackendPlugin",
"Description": "A KDE Partition Manager sfdisk backend.",
"Description[ca@valencia]": "Un dorsal «sfdisk» del gestor de particions de KDE.",
"Description[ca@valencia]": "Un dorsal «sfdisk» del gestor de particions del KDE.",
"Description[ca]": "Un dorsal «sfdisk» del gestor de particions del KDE.",
"Description[cs]": "Podpůrná vrstva sfdisk pro správce diskových oddílů pro KDE.",
"Description[da]": "En KDE-partitionshåndtering med sfdisk-backend.",
@ -75,7 +75,7 @@
"Id": "pmsfdiskbackendplugin",
"License": "GPL",
"Name": "KDE Partition Manager sfdisk Backend",
"Name[ca@valencia]": "Dorsal «sfdisk» del gestor de particions de KDE",
"Name[ca@valencia]": "Dorsal «sfdisk» del gestor de particions del KDE",
"Name[ca]": "Dorsal «sfdisk» del gestor de particions del KDE",
"Name[cs]": "Podpůrná vrstva sfdisk pro správce diskových oddílů pro KDE",
"Name[da]": "KDE-partitionshåndtering med sfdisk-backend",

10
src/util/CMakeLists.txt
View File

@ -11,16 +11,6 @@
set(helper_interface_xml org.kde.kpmcore.helperinterface.xml)
FILE(READ "util/trustedprefixes" TRUSTED_PREFIXES)
STRING(REGEX REPLACE ";" "\\\\;" TRUSTED_PREFIXES "${TRUSTED_PREFIXES}")
STRING(REGEX REPLACE "\n" ";" TRUSTED_PREFIXES "${TRUSTED_PREFIXES}")
foreach(TRUSTED_PREFIX ${TRUSTED_PREFIXES})
list(APPEND TRUSTED_PREFIXES_LIST " QStringLiteral(\"${TRUSTED_PREFIX}\")")
endforeach()
string(REPLACE "; QStringLiteral(" ",\n QStringLiteral(" TRUSTED_PREFIXES_LIST "${TRUSTED_PREFIXES_LIST}")
set_property(DIRECTORY APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS util/trustedprefixes)
configure_file(util/externalcommand_trustedprefixes.h.in util/externalcommand_trustedprefixes.h)
qt_generate_dbus_interface(
util/externalcommand.h
${application_interface_xml}

8
src/util/externalcommand_trustedprefixes.h.in
View File

@ -1,8 +0,0 @@
/*
SPDX-FileCopyrightText: 2022 Andrius Štikonas <andrius@stikonas.eu>
SPDX-License-Identifier: GPL-3.0-or-later
*/
const std::unordered_set<QString> trustedPrefixes {
@TRUSTED_PREFIXES_LIST@
};

1
src/util/externalcommand_whitelist.h
View File

@ -9,7 +9,6 @@
#define KPMCORE_EXTERNALCOMMAND_WHITELIST_H
#include <unordered_set>
#include "util/externalcommand_trustedprefixes.h"
const std::unordered_set<QString> allowedCommands {
// TODO no root needed

20
src/util/externalcommandhelper.cpp
View File

@ -19,10 +19,8 @@
#include <QCoreApplication>
#include <QDebug>
#include <QDir>
#include <QElapsedTimer>
#include <QFile>
#include <QFileInfo>
#include <QString>
#include <QVariant>
@ -348,23 +346,9 @@ QVariantMap ExternalCommandHelper::RunCommand(const QString& command, const QStr
}
// Compare with command whitelist
QFileInfo fileInfo(command);
QString basename = fileInfo.fileName();
QString basename = command.mid(command.lastIndexOf(QLatin1Char('/')) + 1);
if (allowedCommands.find(basename) == allowedCommands.end()) { // TODO: C++20: replace with contains
qInfo() << command << "command is not one of the whitelisted commands";
reply[QStringLiteral("success")] = false;
return reply;
}
// Make sure command is located in the trusted prefix
QDir prefix = fileInfo.absoluteDir();
QString dirname = prefix.dirName();
if (dirname == QStringLiteral("bin") || dirname == QStringLiteral("sbin")) {
prefix.cdUp();
}
if (trustedPrefixes.find(prefix.path()) == trustedPrefixes.end()) { // TODO: C++20: replace with contains
qInfo() << prefix.path() << "prefix is not one of the trusted command prefixes";
reply[QStringLiteral("success")] = false;
qInfo() << command <<" command is not one of the whitelisted command";
return reply;
}

1
src/util/org.kde.kpmcore.externalcommand.policy
View File

@ -11,7 +11,6 @@ SPDX-License-Identifier: CC0-1.0
<action id="org.kde.kpmcore.externalcommand.init" >
<description>Run privileged partition manager helper</description>
<description xml:lang="ca">Executa l'ajudant del gestor de particions amb privilegis</description>
<description xml:lang="ca@valencia">Executa l'ajudant del gestor de particions amb privilegis</description>
<description xml:lang="en_GB">Run privileged partition manager helper</description>
<description xml:lang="es">Ejecutar la aplicación auxiliar de gestión de particiones con privilegios</description>
<description xml:lang="fr">Lancer l'assistant de gestionnaire de partition en mode administrateur</description>

2
src/util/trustedprefixes
View File

@ -1,2 +0,0 @@
/
/usr