1. 15 Jun, 2019 1 commit
  2. 14 Apr, 2019 1 commit
  3. 15 Jan, 2019 1 commit
  4. 08 Jan, 2019 1 commit
  5. 20 Dec, 2018 1 commit
    • Nicolas Fella's avatar
      [KWrite] Correct error message · 68b2ad65
      Nicolas Fella authored
      Summary: When trying to run KWrite with sudo the warning talks about Kate
      
      Test Plan:
      Run KWrite with sudo: Error message says KWrite
      Run Kate with sudo: Error message says Kate
      
      Reviewers: #kate, dhaumann
      
      Reviewed By: #kate, dhaumann
      
      Subscribers: dhaumann, kwrite-devel
      
      Tags: #kate
      
      Differential Revision: https://phabricator.kde.org/D17646
      68b2ad65
  6. 19 Aug, 2018 1 commit
  7. 19 Jun, 2018 1 commit
  8. 31 May, 2018 1 commit
    • Nate Graham's avatar
      Re-allow running Kate and KWrite as the actual root user (but still not using sudo) · bf6d5b75
      Nate Graham authored
      Summary:
      The original change (9adcebd3) to prevent sudo usage broke the use case of running KWrite or Kate while logged in as the actual `root` user with a GUI session. This is how the Kali distro is set up by default, so the original change amounted to making Kate and KWrite not launch at all on this KDE distro.
      
      This patch re-enables running as the actual root user, but keeps blocking usage via `sudo` or `kdesu`. There are no negative security implications associated with re-allowing usage via the root user, since if you're running a GUI session, you were already exposed to the original security threat and Kate and KWrite do not increase the attack surface.
      
      I have submitted a similar change for Dolphin that has been accepted (D12795), but @elvisangelaccio wants that to go in at the same time as this, to keep them in sync.
      
      BUG: 387973
      FIXED-IN: 18.08.0
      
      Test Plan:
      - Log in as normal user and run `sudo kate` or `sudo kwrite`: you get an error message.
      - Log in as normal user and run `kdesu kate` or `kdesu kwrite`: you get an error message.
      - Log in as the root user and run Kate or KWrite normally: it works.
      
      Reviewers: #kate, dhaumann, cullmann, #ktexteditor
      
      Reviewed By: #kate, dhaumann, #ktexteditor
      
      Subscribers: kwrite-devel, elvisangelaccio
      
      Tags: #kate
      
      Differential Revision: https://phabricator.kde.org/D13138
      bf6d5b75
  9. 15 Sep, 2017 1 commit
  10. 08 May, 2017 2 commits
  11. 18 Feb, 2017 1 commit
  12. 17 Feb, 2017 1 commit
    • Martin Gräßlin's avatar
      Disallow executing kate and kwrite as root on Linux · 9adcebd3
      Martin Gräßlin authored
      Summary:
      Running GUI applications as root is a huge security risk. Especially
      the X server is not secured for that. Non-root applications can easily
      interact with a root running application and thus try to exploit simple
      bugs in either kate/kwrite itself or in the underlying libraries such
      as Qt, XLib or xcb.
      
      In addition kate can be abused to just open the konsole window and any
      command can be entered using the XTest extension. This was demonstrated
      for dolphin in [1]. The application itself cannot do anything to protect
      against it.
      
      On Wayland the situation can be considered worse as the compositor is
      running as the normal user and is not protected to handle root windows.
      It can be rather trivial to attack the root running application from the
      compositor through interfaces such as scripting. This is not in the aim
      of the compositors to protect against.
      
      The common use case why users start editors as root is to edit root
      owned files. This is a valid use case, but there is no need to run the
      application as root. Instead one can use sudoedit to run the application
      as user and still be able to edit as root.
      
      This change introduces a check whether the application is started as
      root before any interaction with X or Wayland happens, that is prior to
      creating the QApplication. If it is detected that we run as root, we
      exit and print an information about how to properly edit an application
      in kwrite/kate as root. The text is deliberatly not translated to keep
      the threat from running as root as low as possible.
      
      The output is:
      martin@martin-desktop: ~ $ sudo /opt/kf5/bin/kate
      Executing Kate as root is not possible. To edit files as root use:
      SUDO_EDITOR=kate sudoedit <file>
      martin@martin-desktop: ~ $ sudo /opt/kf5/bin/kwrite
      Executing Kate as root is not possible. To edit files as root use:
      SUDO_EDITOR=kwrite sudoedit <file>
      
      [1] http://git.net/ml/kwrite-devel/2016-01/msg00011.html
      
      Test Plan: See output
      
      Reviewers: #kate
      
      Subscribers: kwrite-devel
      
      Differential Revision: https://phabricator.kde.org/D4634
      9adcebd3
  13. 22 Nov, 2016 1 commit
  14. 07 Sep, 2016 1 commit
  15. 05 Sep, 2016 1 commit
  16. 16 Aug, 2016 1 commit
    • Harald Sitter's avatar
      explicitly initialize kcrash · 9c260515
      Harald Sitter authored
      Summary:
      To quote the documentation
      > Call this in your main() to ensure that the crash handler is always
      > launched.
      
      The problem in particular is that cmake will not actually link kcrash even
      if it is in the link list but not used. ::initialize for the most part just
      makes sure that we actually link against kcrash and thus have it
      initialized via qt static init magic.
      
      Reviewers: dhaumann
      
      Reviewed By: dhaumann
      
      Subscribers: dhaumann, kwrite-devel, #kate
      
      Differential Revision: https://phabricator.kde.org/D2460
      9c260515
  17. 02 Jul, 2016 1 commit
  18. 15 Jun, 2016 1 commit
  19. 21 Oct, 2015 2 commits
  20. 14 Oct, 2015 1 commit
  21. 12 Oct, 2015 1 commit
  22. 09 Oct, 2015 1 commit
    • Milian Wolff's avatar
      Make it possible to open files at a certain line or column. · fcf16e1b
      Milian Wolff authored
      That was possible before, but now we support the much more common
      format of file:line:column. All of that is optional of course.
      You can also open just file:line.
      
      Note that this check is only done for local files, not remote ones.
      
      Dominik said he'll post-review this patch once I pushed it.
      fcf16e1b
  23. 26 Jul, 2015 1 commit
  24. 08 Mar, 2015 2 commits
  25. 29 Oct, 2014 1 commit
  26. 07 Sep, 2014 1 commit
  27. 14 May, 2014 1 commit
  28. 17 Mar, 2014 1 commit
  29. 23 Jan, 2014 1 commit
  30. 21 Jan, 2014 3 commits
  31. 20 Jan, 2014 2 commits