mgerstner (Matthias Gerstner)
User

Projects

User does not belong to any projects.

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Thursday

  • Clear sailing ahead.

User Details

User Since
Apr 27 2018, 1:44 PM (42 w, 4 d)
Availability
Available

Recent Activity

Yesterday

mgerstner updated the diff for D19001: katetextbuffer: refactor TextBuffer::save() to better separate code paths.

Use a C++11 enum class with KDE style CamelCase identifiers.

Mon, Feb 18, 11:32 AM · Frameworks, Kate

Fri, Feb 15

mgerstner added inline comments to D18845: authority: add support for passing details to polkit.
Fri, Feb 15, 1:31 PM
mgerstner updated the diff for D18845: authority: add support for passing details to polkit.

Incorporated review comments: replaced NULL by nullptr, removed some extra whitespace within parantheses, added KF6 TODO.

Fri, Feb 15, 1:29 PM

Thu, Feb 14

mgerstner requested review of D19001: katetextbuffer: refactor TextBuffer::save() to better separate code paths.
Thu, Feb 14, 12:12 PM · Frameworks, Kate

Tue, Feb 12

mgerstner requested review of D18950: KCompressionDevice: reset error in open() to allow reuse of object.
Tue, Feb 12, 11:37 AM · Frameworks

Fri, Feb 8

mgerstner requested review of D18845: authority: add support for passing details to polkit.
Fri, Feb 8, 10:43 AM

Thu, Jan 31

mgerstner added a comment to D14467: Auth Support: Drop privileges if target is not owned by root.

chinmoyr asked me to review this patch since I was involved with A CVE in similar code in kate / ktexteditor a while ago.

Thu, Jan 31, 5:08 PM · Frameworks

May 9 2018

mgerstner added a comment to D12513: CVE-2018-10361: privilege escalation.
May 9 2018, 11:51 AM · Frameworks, Kate

May 3 2018

mgerstner added a comment to D12513: CVE-2018-10361: privilege escalation.

@mgerstner I don't really understand why we need the chdir, renameat, etc.

Dropping privileges to the minimum needed should be enough, shouldn't it?

I mean at that point the only thing that can happen is that some user breaks files he can write to anyway, so why should we take extra precautions from that point on?

May 3 2018, 9:21 AM · Frameworks, Kate

Apr 27 2018

mgerstner added a comment to D12513: CVE-2018-10361: privilege escalation.

I am the guy that came up with the initial security report. I contacted
cullman about the issue and we've exchanged a couple of emails about how
to improve the code.

Apr 27 2018, 2:20 PM · Frameworks, Kate