mgerstner (Matthias Gerstner)
User

Projects

User does not belong to any projects.

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Sunday

  • Clear sailing ahead.

User Details

User Since
Apr 27 2018, 1:44 PM (63 w, 6 d)
Availability
Available

Recent Activity

Mar 28 2019

mgerstner added a comment to D18845: authority: add support for passing details to polkit.

@mgerstner can you provide your email address so we can land this patch with correct authorship information?

Mar 28 2019, 2:14 PM

Mar 27 2019

mgerstner updated the diff for D18845: authority: add support for passing details to polkit.

Now using constData() as suggested by chinmoyr.

Mar 27 2019, 12:54 PM
mgerstner added inline comments to D18845: authority: add support for passing details to polkit.
Mar 27 2019, 11:07 AM

Feb 22 2019

mgerstner added a comment to T10480: KTextEditor KAuth helper + KAuth security review (by SUSE).

This sounds like an excellent topic for the upcoming privacy sprint (T8622). @mgerstner any chance you can attend it?

Feb 22 2019, 1:04 PM · KTextEditor

Feb 21 2019

mgerstner added a comment to D18845: authority: add support for passing details to polkit.

Does this solve part of T8075?

Feb 21 2019, 10:08 AM
mgerstner added a comment to D19001: katetextbuffer: refactor TextBuffer::save() to better separate code paths.

@cullmann wrote:

If you pass me your author email, I will push that.

Feb 21 2019, 9:39 AM · Frameworks, Kate

Feb 18 2019

mgerstner updated the diff for D19001: katetextbuffer: refactor TextBuffer::save() to better separate code paths.

Use a C++11 enum class with KDE style CamelCase identifiers.

Feb 18 2019, 11:32 AM · Frameworks, Kate

Feb 15 2019

mgerstner added inline comments to D18845: authority: add support for passing details to polkit.
Feb 15 2019, 1:31 PM
mgerstner updated the diff for D18845: authority: add support for passing details to polkit.

Incorporated review comments: replaced NULL by nullptr, removed some extra whitespace within parantheses, added KF6 TODO.

Feb 15 2019, 1:29 PM

Feb 14 2019

mgerstner requested review of D19001: katetextbuffer: refactor TextBuffer::save() to better separate code paths.
Feb 14 2019, 12:12 PM · Frameworks, Kate

Feb 12 2019

mgerstner requested review of D18950: KCompressionDevice: reset error in open() to allow reuse of object.
Feb 12 2019, 11:37 AM · Frameworks

Feb 8 2019

mgerstner requested review of D18845: authority: add support for passing details to polkit.
Feb 8 2019, 10:43 AM

Jan 31 2019

mgerstner added a comment to D14467: Auth Support: Drop privileges if target is not owned by root.

chinmoyr asked me to review this patch since I was involved with A CVE in similar code in kate / ktexteditor a while ago.

Jan 31 2019, 5:08 PM · Frameworks

May 9 2018

mgerstner added a comment to D12513: CVE-2018-10361: privilege escalation.
May 9 2018, 11:51 AM · Frameworks, Kate

May 3 2018

mgerstner added a comment to D12513: CVE-2018-10361: privilege escalation.

@mgerstner I don't really understand why we need the chdir, renameat, etc.

Dropping privileges to the minimum needed should be enough, shouldn't it?

I mean at that point the only thing that can happen is that some user breaks files he can write to anyway, so why should we take extra precautions from that point on?

May 3 2018, 9:21 AM · Frameworks, Kate

Apr 27 2018

mgerstner added a comment to D12513: CVE-2018-10361: privilege escalation.

I am the guy that came up with the initial security report. I contacted
cullman about the issue and we've exchanged a couple of emails about how
to improve the code.

Apr 27 2018, 2:20 PM · Frameworks, Kate