The security review by the SUSE security team showed a few more issues that could be solved in the KAuth helper used by ktexteditor. These are collected here to keep track of them.
- Don't write to "unexpected" file systems like /proc and /sys (http://bugzilla.suse.com/show_bug.cgi?id=1147045)
- Drop privileges / do not handle directories that do not need root permissions (http://bugzilla.suse.com/show_bug.cgi?id=1147043)
- Reject anything but regular files (http://bugzilla.suse.com/show_bug.cgi?id=1147041)
- Define safe target selection mode and ownership (http://bugzilla.suse.com/show_bug.cgi?id=1147038)
- Add the path name to the file being written to in the polkit authorization message (this might require the newest polkit-qt available; http://bugzilla.suse.com/show_bug.cgi?id=1147035)