Running a GUI file manager as root that has not specifically been designed with a 'root mode' is foolhardy IMO, and this change was a wise one.

In fact, Martin specifically references issues he found with Dolphin when blogging about the change in Kate.

https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/

As running as root has been disabled, I very much doubt much or any attention has been aimed by KDE at solving or mitigating issues that could arise by running directly as root, as it would not be considered now it has been disabled for some time.

Also I do not feel that I could justify such a change to the ubuntu release team, which I feel this would require.

I'm not a power user, but being able to work with files and folders as root was always an obvious thing - a necessity really, since with Linux (and KDE especially) things don't always work initially and you have to tweak and change different system files, often just following proven procedures from previous installations (I've got a special file with all the steps). And I'm not a terminal whizz, so being able to work in a graphical environment is important for me. This has become substantially harder after Dolphin and Kate root modes were disabled, and we have to do workarounds, like using Krusader in root mode. So if, as a user, I should have a voice here, I'm voting for restoring root privileges. I can't think of many things which are as useful.

Hello to the KDE dev team!

For what it's worth, I would also like to see this patch reverted for the Kubuntu 18.04 LTS release.

I understand the KDE devs' concerns regarding the attack surface of the underlying software (such as Qt) and I appreciate that they had the best intentions when they applied this patch. Still, I think that in the spirit of Freedom, we should let the end users be the ones to actually take personal responsibility for their computing habits/decisions instead of making decisions for them.

And yet, I am not against the idea of trying to educate these same users to help them adopt better habits (not force them on them)! How about we just incude a WARNING message when someone launches Dolphin as root? This way:

1. The end user is warned/informed/educated of the potential security implications of this action
2. The KDE devs can sleep with a clear conscience
3. Freedom is restored and non-terminal users (they exist!) feel empowered once again

This will be a win-win-win situation! :)

Cheers!

I support the action to get Dolphin back to normal. To stop Dolfin from working as a root is a very destructive move for the head of the KDE population. All other file managers work in root mode only Dolfin is stopped. It's like someone wants to totally destroy KDE. the biggest nonsense is the Kali distribution based on Debian, Dolphin does not work, kate does not work, kwrite does not work. I'm used to Dolphin and now I have to use some beta versions of programs that imitate the total commander from windows.Years of work in Dolphin and now suddenly I need to change my habits or change distribution and go to gnome or XFCE. I understand people who are opposed and who are typing commands, but I'm typing a lot of commands because I've been doing it for years on mainframe computers that do not work on the linux. Dolphin was the best file manager until it was abolished by the abolition of root options.

In T8460#137443, @draganlegic wrote:

It's like someone wants to totally destroy KDE.

I understand your passion, but let's please try to keep it technical. Insulting the people who provide you with software for free is not likely to be the best approach in getting what you want. See https://community.kde.org/Get_Involved/Bug_Reporting#Remember_your_manners

It's a complicated issue. Running GUI software as root genuinely is a lousy idea most of the time, and using PolKit is the better way. However, there are two issues here:

• Polkit support in Kate & KWrite doesn't solve the use case of wanting to do file management in Dolphin that doesn't involve text editing in a location not owned by your user
• Some distros like Kali actually boot into a root session by default, and in this environment, you can't use Dolphin (or Kate/KWrite) at all.
• Docker containers commonly run the software as root inside the container; can't use Dolphin (or Kate/KWrite) at all here.

I understand the reason behind the change, but it was a sledgehammer decision that failed to consider many use cases, and was made before the replacement was implemented (and it still isn't done). It's not fair to remove a feature (even a flawed, insecure one), without providing users with a migration path to the promised better options.

@ngraham,
I apologize if you misinterpreted my poor English proficiency as an insult. I have about 70 years and I've been working on computers all my life, I started with punch cards and ended up on color terminals .I use Linux from the hobby, and I do not care if it's Linux or Windows. The fact that I have access to the source code and the Linux does not mean anything to me, my world and knowledge are related to the Fortran, Cobol, asembler, JCL, SQL etc....I do not offend anyone and thank you for the free programs, you have your own way, I have my own way and my choice whether I will either not use a particular operating system or I simply turn off my machine. Please do not take this as an offense, but I'm asking myself how did you just realize that Dolphin is dangerous to root and GUI mode and why other distributions do not have these restrictions for their file managers.

From my perspective, it's pretty bad Dolphin got locked down. I might be wrong but OpenSUSE have unlocked it again after heavy criticism from their user base.

There are 2 goals that should be achieved before unlocking it again:
1 Wayland
2 A better installer (Calamares)

As things stand right now, Kubuntu is set up to be foolproof.

Please say I'm wrong. I can only learn from that.

Actually I don't see where draganlegic's post is insulting. He does have a very valid point. Yes written with passion but I do understand his passion. It's very disheartening to fire up you system after an update that your lively hood depends to find the tools you have been using for over 20 years fail to execute. Especially when these are common tools such as a text editor and a file manager. You know I read the "Remember_your_manners" page and maybe the developers need to have "A thick skin" too. This is a bad and completely wrong mistake made by the developers. People are going to complain and be mad when you mess with their lively hood. Especially when the flaw from an engineering stand point is just plain wrong.

I have work with UNIX/Linux systems since the 70's. I have used Linux and KDE since the early 90's everyday for my jobs. I am a Linux engineer and have managed 1,000s of Linux systems mostly securing these systems. Security has been my job for over 25 years. I do know a few things. I first posted a polite bug report on the KDE bug report site and got a curt response that I didn't know what I was talking about and was basically cut off and told WONTFIX. Politeness and respect work both ways. The developer needs to learn "respect your elders" us old guys do know a few things. When someone with over 20 years of using something everyday says "this is a stupid mistake" instead of getting your feelings hurt listen. We all do stupid things for time to time I know I do.

Here's a BIG technical reason for this to be changed back.

Root is a "system level" account not a user account under control of the OS and not the desktop. Root is to have full access to every process and application. This has been a UNIX standard since the 1970's. KDE is NOT a system level process. KDE is a desktop which runs in the Presentation and Application of the OSI model (You guys have heard of the 7 layers of the OSI model?) The root account is part of the System layer of this model. When developing and application the developer is not to screw with the system functions. These embedded flaws do just that by breaking root access to these binaries.

One reason I was told for this change was Wayland now runs in the user space. Yes this is the case when logged in under a normal user account the compositor runs under that account. When logged in under a root account this is not the case the compositor then runs under the root account just fine. Download a copy of Kali the the Gnome DE and you'll see Wayland does run under root when you are root. So this reason is flawed.

I also read that the reason for this was because a hacker could hijack the kate process and since konsole is embedded into kate a hacker then gain root access if kate is hijacked. Yes this is most likely true BUT if an attacker does seize the kate process and gains access to the embedded knosole if the attacker typs commands in konsole the root user will see these actions. As someone that hacks systems for a living when I gain access to a Linux system under a user account I'm going to try to hijack a system process not a running application. The reason is if you hijack an application you never know when the user will kill that process you time is limited. You don't look for a running kate or dolphin process. Kworker will do. Also when hijacking an application process your attempts to hijack it will make that application get weird and the user of that process can figure out someone is on the machine. So this reason yes can be real but trivial as a security risk. I'll take the risk.

I also read that if you all come to your senses and fix this flaw that the fix will not come out until the next version of Kubuntu why not just revert the code and push out the update? I really need this fixed now not months from now. For one thing I'm not using Kubuntu I'm using Kali. Let me share something I learned in engineering school. "If it ain't broke don't screw with it."

People like myself that must be logged in as root for work understand the risk and are careful and paranoid while in root. They also understand the risk and if anything bad happens they assume the risk. As people like myself only work under the root account to only do the work needed and then change to a normal user account for normal use. I don't need you to hold my hand and keep me safe.

Also I'd like to point out that the main distro that uses your DE by default (SuSE) has fixed this flaw in their repos. Shouldn't this tell you this is unwanted.

I'm sorry if you think I'm rude but you guys have also been a bit rude with the people complaining about this flaw. My shortness on this also comes from being an engineer for so long but when I see developers messing playing God and making bad engineering mistakes yes I do get crabby.

Again sorry for my rudeness but let's all admit this is a bad idea revert it back and all us be happy with our lives and get back to some real work.

Thank you

The fact that openSUSE (a major enterprise player) is patching this out seems noteworthy.

The root of the problem is that Ubiquity doesn't allow you to create a root and a user account. Which is pretty unnatural for a Unix-like system. Maybe I'm wrong though.

The root of the problem is that Ubiquity doesn't allow you to create a root and a user account. Which is pretty unnatural for a Unix-like system. Maybe I'm wrong though.

The root of the problem is that Ubiquity doesn't allow you to create both a root and a user account. Which is pretty unnatural for a Unix-like system. Maybe I'm wrong though.

The fact that openSUSE (a major enterprise player) is patching this out seems noteworthy.

Yes. It's also not a toy. It's designed with the sysadmin in mind.

I disagree with this change. If you need root changes then you should change yourself to root and make your changes with mv, cp, touch and such.

@bweaver,
I was engaging my daughter to translate your writing correctly. Thank you for the correct and objective explanation. I did not work with Unix or linux OS, but I'm working on PDP11, Vax, Fujitsu, Bull-8000, Bull-9000, but I can figure out the problem. When I started to use linux, I felt that the user was always responsible for anything that was not good or Microsoft or hardware makers and drivers. If the linix is made for ordinary people, then developers should respect users rather than requiring the user to blush and whisper everything that is programmed and maybe not good. I know that if a doctor has to get people to finish the medical faculty, the lawyer must complete the law faculty, I had to finish the cybernetics to program and run a computer center. Now we come to the situation of Microsoft's behavior, accept what you are getting or leave and go to another distribution.
Thank you for writing and I welcome you

If you need root changes then you should change yourself to root and make your changes with mv, cp, touch and such.

User should never (ideally) access root via workarounds. Root should only be accessed by root. That means 2 different accounts (and different credentials, of course). This is a dead end :)

I have not been using debian and debian-derivatives ever since the move towards systemd-dumbification.

However had, this is only partially related to debian (or ubuntu for that matter) - this is the KDE team
being crazy.

I've noticed that elsewhere, e. g. the kate editor disallowing the superuser from modifying files. Whereas
gedit, nano, vim, emacs, have no "opinion" attached and run just fine.

There is nothing wrong with being the superuser. Propaganda often claims that the world will collapse
when you use the computer in any way you want to, but upstream people - in this case, some KDE
devs who think they are wiser than everyone else - always think differently.

I tried to reason with these people but they are agenda-driven. The agenda is "superuser is evil
and must be forbidden". There is no way to reason with these people.

The biggest problem is that they force YOU into their mindset by preventing YOU from using the
computer in any way that you see fit.

It's possible to write and use patches to get rid of crippling functionality but it's an uphill battle.

People should realize that upstream targets end users that are sheep without an opinion so
they won't do any changes to allow YOU more freedom. They only build up more of a prison,
and keep on claiming how awesome the prison is.

I myself use mate-desktop mostly these days, and fluxbox. From KDE I sometimes still use
konsole, because it is good, but the vte/mate-terminal also largely replaced most of that,
simply because I just have no time to keep on arguing with upstream KDE devs who are
agenda-driven.

I can't disagree. The solution would be to unlock root and highlight in red when you're in root.

I have not been using debian and debian-derivatives ever since the move towards systemd-dumbification.

Looking forward to Devuan with Plasma 5 on it. I think it's doable.

In T8460#139916, @raddison wrote:

I have not been using debian and debian-derivatives ever since the move towards systemd-dumbification.

Looking forward to Devuan with Plasma 5 on it. I think it's doable.

Sad to say but Devuan will have the same default Plasma as Debian so this problem will still exist. Right now your only bet is Open SuSE since they are nice enough to fix this bug.

So the code monkeys know better than the End User. Even when the End User has been using KDE since the time when the coder’s favorite computer was “Speak n Spell”.

What really makes me mad about all this is the fact that myself and others on here have pointed out real and technical reasons for this not to be yet the coders have not responded not once to these reasons. The only reply really has been “Using root is dangerous, don’t use root”. You have yet to secure anything since any other text editor or file manager just plain works when logged in as root. Your lack of answers to these direct questions clearly shows we have legitimate reasons and you have no answer that will back up your actions. Yes in the back of your mind you know we are right and you are too arrogant to admit this was all a mistake and return things to normal.

Well OK kids its your “walled garden” now. Just remember no matter how pretty the walls are if you can’t walk out and be free with your own personal decisions your garden is still a prison.

One thing you have disclosed in this is your lack of proper security auditing of your code. Yes I will be looking into that. When I do find that gaping hole should I be responsible and “do the right thing” and submit a bug report or dump it into the wild? Well since you all think I don’t know what I’m doing why report it so I’ll just dump it into the wild.

Yes I will also have “nice” things to say about the KDE team in the book I am presently working on and warn my readers that the KDE team feels that Security Researchers are just too stupid to maintain the security of their operating system and it takes a third rate code monkey to keep us all safe.

Little riki I hate to tell you this but these actions of yours plainly show you ain’t no “Code Ninja” just another code monkey attempting to have intercourse with a football an in the process screwing up a very good product in an attempt to show your skillz.

You're not helping, Bo. Your concerns have been noted, and I continue to attempt to make this case internally. Be patient please, and refrain from insulting the people who you would like to accept your point of view.

If you find a security flaw, please be responsible and report it, rather than being spiteful and hurting everyone. I understand that you're upset, but acting out of spite never helps.

Dear Nate,

You are right insults don't go far but again I point out "Respect works BOTH ways." I was polite reported this problem and then I'm treated like a fool and the only reply I get is "Don't use root it's dangerous." after sending in a technical response. I wanted to have a adult technical discussion about this and I get insulted instead and treated like a fool or no reply at all for weeks. Again respect works BOTH ways.

Sorry but my patience has worn thin it has been over 5 months now and only you Nate have been good enough to reply in a kindly way and appear to be the only one attempting to correct this. Five months I do have work to do. I use this DE to do work which this built in flaw cripples my work flow.

True Responsible Disclosure is the right way to go and normally this is the route I follow when I discover a flaw. Normally except for Microsoft and Oracle these bug reports are handled in the proper manner a technical discussion is held the problem is fix I am thanked for my help, everyone is happy and the world is a safer place. After the way this has been handled it makes me asked myself what would be the use in reporting a bug to you all just to be insulted and nothing gets fixed. Yes dumping an exploit in the wild is the wrong thing to do but when this happens things do get fixed in a hurry and without me being told how wrong I am by the coders. So if you want help from the hackers "Be nice!"

After all I am the guy you are attempting to keep out it seems you would want to hear what I have to say on this topic. I don't claim to be a "Ninja Hacker" but I can hold my own and I have written several books on the subject so I do have some insight into all this. Right now I am working on another book on using Kali Linux and it breaks my heart that I have to write to my readers not to use the desktop I have used for over 20 years because it is now broken for use with Kali over a non-issue. I'm not going to direct my readers to use something that will make Linux "appear" to be broken. One of my reasons for writing these books is to get more people to use Linux. It is the best and most secure OS around. When you click on an application and NOTHING happens, no warning just nothing it does appear to the untrained user the OS is broken.

I have to ask instead of spinning your wheels attempting to fix these that aren't broken why aren't these guys working on your PIM it has needed a lot of work for years and build the next Outlook killer? Your PIM really could use some coder love.

Since this bug is closed as WONTFIX I will move along now and move to LXDE its not as nice as KDE but all the applications do work and they keep within their layers of the OSI model and don't mess with system level functions.

And again I say if your people want respect then give respect. If you don't want insulting comments then don't hand them out. Nate please note you sent a respectful reply and I have returned one too you. I only get insulting when insulted especially when the insult comes from someone that has no clue about the use case.

Just for our sanity's sake, I went ahead and raised the issue in the Lunduke Show some days ago.
Here are Bryan's thoughts on this:
https://www.youtube.com/watch?v=YvADk2k8vIY&t=1746s

If you don't know who Lunduke is, he is a respectable (and somewhat weird) voice in the FOSS community.
I tried to give the issue some extra visibility through his show.

It seems to me that restoring the Dolphin sudo functionality is a pretty reasonable thing to do.