Feed Advanced Search

Advanced Search
Use Results
Hide Query

Mar 28 2019

mgerstner added a comment to D18845: authority: add support for passing details to polkit.
In D18845#439430, @ngraham wrote:

@mgerstner can you provide your email address so we can land this patch with correct authorship information?

Mar 28 2019, 2:14 PM

Mar 27 2019

mgerstner updated the diff for D18845: authority: add support for passing details to polkit.

Now using constData() as suggested by chinmoyr.

Mar 27 2019, 12:54 PM
mgerstner added inline comments to D18845: authority: add support for passing details to polkit.
Mar 27 2019, 11:07 AM

Feb 22 2019

mgerstner added a comment to T10480: KTextEditor KAuth helper + KAuth security review (by SUSE).
In T10480#176816, @nicolasfella wrote:

This sounds like an excellent topic for the upcoming privacy sprint (T8622). @mgerstner any chance you can attend it?

Feb 22 2019, 1:04 PM · KTextEditor

Feb 21 2019

mgerstner added a comment to D18845: authority: add support for passing details to polkit.
In D18845#416305, @bruns wrote:

Does this solve part of T8075?

Feb 21 2019, 10:08 AM
mgerstner added a comment to D19001: katetextbuffer: refactor TextBuffer::save() to better separate code paths.

@cullmann wrote:

If you pass me your author email, I will push that.

Feb 21 2019, 9:39 AM · Frameworks, Kate

Feb 18 2019

mgerstner updated the diff for D19001: katetextbuffer: refactor TextBuffer::save() to better separate code paths.

Use a C++11 enum class with KDE style CamelCase identifiers.

Feb 18 2019, 11:32 AM · Frameworks, Kate

Feb 15 2019

mgerstner added inline comments to D18845: authority: add support for passing details to polkit.
Feb 15 2019, 1:31 PM
mgerstner updated the diff for D18845: authority: add support for passing details to polkit.

Incorporated review comments: replaced NULL by nullptr, removed some extra whitespace within parantheses, added KF6 TODO.

Feb 15 2019, 1:29 PM

Feb 14 2019

mgerstner requested review of D19001: katetextbuffer: refactor TextBuffer::save() to better separate code paths.
Feb 14 2019, 12:12 PM · Frameworks, Kate

Feb 12 2019

mgerstner requested review of D18950: KCompressionDevice: reset error in open() to allow reuse of object.
Feb 12 2019, 11:37 AM · Frameworks

Feb 8 2019

mgerstner requested review of D18845: authority: add support for passing details to polkit.
Feb 8 2019, 10:43 AM

Jan 31 2019

mgerstner added a comment to D14467: Auth Support: Drop privileges if target is not owned by root.

chinmoyr asked me to review this patch since I was involved with A CVE in similar code in kate / ktexteditor a while ago.

Jan 31 2019, 5:08 PM · Frameworks

May 9 2018

mgerstner added a comment to D12513: CVE-2018-10361: privilege escalation.
In D12513#258565, @aacid wrote:
May 9 2018, 11:51 AM · Frameworks, Kate

May 3 2018

mgerstner added a comment to D12513: CVE-2018-10361: privilege escalation.
In D12513#256845, @aacid wrote:

@mgerstner I don't really understand why we need the chdir, renameat, etc.

Dropping privileges to the minimum needed should be enough, shouldn't it?

I mean at that point the only thing that can happen is that some user breaks files he can write to anyway, so why should we take extra precautions from that point on?

May 3 2018, 9:21 AM · Frameworks, Kate

Apr 27 2018

mgerstner added a comment to D12513: CVE-2018-10361: privilege escalation.

I am the guy that came up with the initial security report. I contacted
cullman about the issue and we've exchanged a couple of emails about how
to improve the code.

Apr 27 2018, 2:20 PM · Frameworks, Kate