Honor application suid requests even if they are directed at KDE

12 years ago · 06b65e787b
parent 658707d49e
commit 06b65e787b
4 changed files with 35 additions and 6 deletions
--- a/tdecore/kdesktopfile.cpp
+++ b/tdecore/kdesktopfile.cpp
@ -310,7 +310,7 @@ bool KDesktopFile::tryExec() const
           return false;
     }
  }
-  
+
  // See also KService::username()
  bool su = readBoolEntry("X-TDE-SubstituteUID");
  if (su)
@ -323,7 +323,21 @@ bool KDesktopFile::tryExec() const
      if (!kapp->authorize("user/"+user))
        return false;
  }
-  
+  else {
+      // Respect KDE su request if present
+      su = readBoolEntry("X-KDE-SubstituteUID");
+      if (su)
+      {
+          TQString user = readEntry("X-KDE-Username");
+          if (user.isEmpty())
+            user = ::getenv("ADMIN_ACCOUNT");
+          if (user.isEmpty())
+            user = "root";
+          if (!kapp->authorize("user/"+user))
+            return false;
+      }
+  }
+
  return true;
 }

--- a/tdeio/application.desktop
+++ b/tdeio/application.desktop
@ -98,6 +98,12 @@ Type=bool
 [PropertyDef::X-TDE-Username]
 Type=TQString

+[PropertyDef::X-KDE-SubstituteUID]
+Type=bool
+
+[PropertyDef::X-KDE-Username]
+Type=TQString
+
 [PropertyDef::StartupWMClass]
 Type=TQString

--- a/tdeio/tdefile/kpropertiesdialog.cpp
+++ b/tdeio/tdefile/kpropertiesdialog.cpp
@ -3154,7 +3154,7 @@ KDesktopPropsPlugin::KDesktopPropsPlugin( KPropertiesDialog *_props )
  TQString pathStr = config.readPathEntry( "Path" );
  m_terminalBool = config.readBoolEntry( "Terminal" );
  m_terminalOptionStr = config.readEntry( "TerminalOptions" );
-  m_suidBool = config.readBoolEntry( "X-TDE-SubstituteUID" );
+  m_suidBool = config.readBoolEntry( "X-TDE-SubstituteUID" ) || config.readBoolEntry( "X-KDE-SubstituteUID" );
  m_suidUserStr = config.readEntry( "X-TDE-Username" );
  if( config.hasKey( "StartupNotify" ))
    m_startupBool = config.readBoolEntry( "StartupNotify", true );
--- a/tdeio/tdeio/kservice.cpp
+++ b/tdeio/tdeio/kservice.cpp
@ -206,7 +206,7 @@ KService::init( KDesktopFile *config )
  m_strExec = config->readPathEntry( "Exec" );
  if (kde4application && !m_strExec.startsWith("/")) {
    m_strExec = "XDG_DATA_DIRS=" + kde4applicationprefix + "/share XDG_CONFIG_DIRS=/etc/xdg/ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:$PATH "+m_strExec;
-  } else if (config->readBoolEntry("X-TDE-SubstituteUID")) {
+  } else if (config->readBoolEntry("X-TDE-SubstituteUID") || config->readBoolEntry("X-KDE-SubstituteUID")) {
    int space = m_strExec.find(" ");
    if (space==-1)
      m_strExec = TDEStandardDirs::findExe(m_strExec);
@ -710,8 +710,17 @@ KService::List KService::allInitServices()
 }

 bool KService::substituteUid() const {
-  TQVariant v = property("X-TDE-SubstituteUID", TQVariant::Bool);
-  return v.isValid() && v.toBool();
+  bool suid = false;
+  TQVariant v;
+  v = property("X-TDE-SubstituteUID", TQVariant::Bool);
+  if (v.isValid()) {
+    if (v.toBool()) suid = true;
+  }
+  v = property("X-KDE-SubstituteUID", TQVariant::Bool);
+  if (v.isValid()) {
+    if (v.toBool()) suid = true;
+  }
+  return suid;
 }

 TQString KService::username() const {