Re-allow running Kate and KWrite as the actual root user (but still not using sudo)
ClosedPublic

Authored by ngraham on May 26 2018, 9:04 PM.

Details

Summary

The original change (9adcebd3c2e476c8a32e9b455cc99f46b0e12a7e) to prevent sudo usage broke the use case of running KWrite or Kate while logged in as the actual root user with a GUI session. This is how the Kali distro is set up by default, so the original change amounted to making Kate and KWrite not launch at all on this KDE distro.

This patch re-enables running as the actual root user, but keeps blocking usage via sudo or kdesu. There are no negative security implications associated with re-allowing usage via the root user, since if you're running a GUI session, you were already exposed to the original security threat and Kate and KWrite do not increase the attack surface.

I have submitted a similar change for Dolphin that has been accepted (D12795), but @elvisangelaccio wants that to go in at the same time as this, to keep them in sync.

BUG: 387973
FIXED-IN: 18.08.0

Test Plan
  • Log in as normal user and run sudo kate or sudo kwrite: you get an error message.
  • Log in as normal user and run kdesu kate or kdesu kwrite: you get an error message.
  • Log in as the root user and run Kate or KWrite normally: it works.

Diff Detail

Repository
R40 Kate
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.
ngraham created this revision.May 26 2018, 9:04 PM
Restricted Application added a project: Kate. · View Herald TranscriptMay 26 2018, 9:04 PM
Restricted Application added a subscriber: kwrite-devel. · View Herald Transcript
ngraham requested review of this revision.May 26 2018, 9:04 PM
ngraham edited the summary of this revision. (Show Details)May 27 2018, 4:22 AM

Friendly ping!

dhaumann accepted this revision.May 31 2018, 9:51 AM

If it also was decided for Dolphin that this is wanted, I am fine with it.

This revision is now accepted and ready to land.May 31 2018, 9:51 AM
This revision was automatically updated to reflect the committed changes.