diff options
| author |   Andreas Sturmlechner <asturm@gentoo.org> | 2021-04-04 14:33:55 +0200 |
|---|---|---|
| committer | Andreas Sturmlechner <asturm@gentoo.org> | 2021-04-04 15:19:38 +0200 |
| commit | 8369a03e08c0708871944fed47f3939eca024659 (patch) | |
| tree | fdd791a9b68699af4dd78791783bfa3bbd5f894c /kde-frameworks/kglobalaccel/files | |
| parent | kde-frameworks/baloo: Drop 5.80.0 (r0) (diff) | |
| download | gentoo-8369a03e08c0708871944fed47f3939eca024659.tar.gz gentoo-8369a03e08c0708871944fed47f3939eca024659.tar.bz2 gentoo-8369a03e08c0708871944fed47f3939eca024659.zip | |
kde-frameworks/kglobalaccel: Don't make krunner run with root privs
Upstream commit bbec74337b3186bc258bd5adf849b89191789535
KDE-bug: https://bugs.kde.org/show_bug.cgi?id=423059
KDE-bug: https://bugs.kde.org/show_bug.cgi?id=432975
Bug: https://bugs.gentoo.org/767478
Package-Manager: Portage-3.0.18, Repoman-3.0.3
Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>
Diffstat (limited to 'kde-frameworks/kglobalaccel/files')
| -rw-r--r-- | kde-frameworks/kglobalaccel/files/kglobalaccel-5.80.0-dont-run-w-root-privs.patch | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/kde-frameworks/kglobalaccel/files/kglobalaccel-5.80.0-dont-run-w-root-privs.patch b/kde-frameworks/kglobalaccel/files/kglobalaccel-5.80.0-dont-run-w-root-privs.patch new file mode 100644 index 000000000000..ab606eebed99 --- /dev/null +++ b/kde-frameworks/kglobalaccel/files/kglobalaccel-5.80.0-dont-run-w-root-privs.patch @@ -0,0 +1,43 @@ +From bbec74337b3186bc258bd5adf849b89191789535 Mon Sep 17 00:00:00 2001 +From: Fabian Vogt <fabian@ritter-vogt.de> +Date: Fri, 29 Jan 2021 11:31:54 +0100 +Subject: [PATCH] Don't let kglobalaccel run if KDE_SESSION_UID mismatches + +Otherwise shortcuts execute actions as the wrong user. +--- + src/runtime/main.cpp | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/src/runtime/main.cpp b/src/runtime/main.cpp +index d2917ad..46506b3 100644 +--- a/src/runtime/main.cpp ++++ b/src/runtime/main.cpp +@@ -10,6 +10,8 @@ + #include "kglobalacceld.h" + #include "logging_p.h" + ++#include <unistd.h> ++ + #include <KAboutData> + #include <KCrash> + #include <KDBusService> +@@ -57,6 +59,16 @@ extern "C" Q_DECL_EXPORT int main(int argc, char **argv) + return 0; + } + ++ // It's possible that kglobalaccel gets started as the wrong user by ++ // accident, e.g. kdesu dolphin leads to dbus activation. It then installs ++ // its grabs and the actions are run as the wrong user. ++ bool isUidset = false; ++ const int sessionuid = qEnvironmentVariableIntValue("KDE_SESSION_UID", &isUidset); ++ if(isUidset && static_cast<uid_t>(sessionuid) != getuid()) { ++ qCWarning(KGLOBALACCELD) << "kglobalaccel running as wrong user, exiting."; ++ return 0; ++ } ++ + KDBusService service(KDBusService::Unique); + + app.setQuitOnLastWindowClosed(false); +-- +GitLab + |