From 06b65e787b816b67624d435a1d7e7d443e8a6233 Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Sat, 6 Apr 2013 02:34:39 -0500 Subject: [PATCH] Honor application suid requests even if they are directed at KDE --- tdecore/kdesktopfile.cpp | 18 ++++++++++++++++-- tdeio/application.desktop | 6 ++++++ tdeio/tdefile/kpropertiesdialog.cpp | 2 +- tdeio/tdeio/kservice.cpp | 15 ++++++++++++--- 4 files changed, 35 insertions(+), 6 deletions(-) diff --git a/tdecore/kdesktopfile.cpp b/tdecore/kdesktopfile.cpp index b385eeb18..9798a1ff2 100644 --- a/tdecore/kdesktopfile.cpp +++ b/tdecore/kdesktopfile.cpp @@ -310,7 +310,7 @@ bool KDesktopFile::tryExec() const return false; } } - + // See also KService::username() bool su = readBoolEntry("X-TDE-SubstituteUID"); if (su) @@ -323,7 +323,21 @@ bool KDesktopFile::tryExec() const if (!kapp->authorize("user/"+user)) return false; } - + else { + // Respect KDE su request if present + su = readBoolEntry("X-KDE-SubstituteUID"); + if (su) + { + TQString user = readEntry("X-KDE-Username"); + if (user.isEmpty()) + user = ::getenv("ADMIN_ACCOUNT"); + if (user.isEmpty()) + user = "root"; + if (!kapp->authorize("user/"+user)) + return false; + } + } + return true; } diff --git a/tdeio/application.desktop b/tdeio/application.desktop index d9e9fc3c2..d45e49578 100644 --- a/tdeio/application.desktop +++ b/tdeio/application.desktop @@ -98,6 +98,12 @@ Type=bool [PropertyDef::X-TDE-Username] Type=TQString +[PropertyDef::X-KDE-SubstituteUID] +Type=bool + +[PropertyDef::X-KDE-Username] +Type=TQString + [PropertyDef::StartupWMClass] Type=TQString diff --git a/tdeio/tdefile/kpropertiesdialog.cpp b/tdeio/tdefile/kpropertiesdialog.cpp index 87d3926b3..bece689ca 100644 --- a/tdeio/tdefile/kpropertiesdialog.cpp +++ b/tdeio/tdefile/kpropertiesdialog.cpp @@ -3154,7 +3154,7 @@ KDesktopPropsPlugin::KDesktopPropsPlugin( KPropertiesDialog *_props ) TQString pathStr = config.readPathEntry( "Path" ); m_terminalBool = config.readBoolEntry( "Terminal" ); m_terminalOptionStr = config.readEntry( "TerminalOptions" ); - m_suidBool = config.readBoolEntry( "X-TDE-SubstituteUID" ); + m_suidBool = config.readBoolEntry( "X-TDE-SubstituteUID" ) || config.readBoolEntry( "X-KDE-SubstituteUID" ); m_suidUserStr = config.readEntry( "X-TDE-Username" ); if( config.hasKey( "StartupNotify" )) m_startupBool = config.readBoolEntry( "StartupNotify", true ); diff --git a/tdeio/tdeio/kservice.cpp b/tdeio/tdeio/kservice.cpp index 5ccb9f33c..14eb172d5 100644 --- a/tdeio/tdeio/kservice.cpp +++ b/tdeio/tdeio/kservice.cpp @@ -206,7 +206,7 @@ KService::init( KDesktopFile *config ) m_strExec = config->readPathEntry( "Exec" ); if (kde4application && !m_strExec.startsWith("/")) { m_strExec = "XDG_DATA_DIRS=" + kde4applicationprefix + "/share XDG_CONFIG_DIRS=/etc/xdg/ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:$PATH "+m_strExec; - } else if (config->readBoolEntry("X-TDE-SubstituteUID")) { + } else if (config->readBoolEntry("X-TDE-SubstituteUID") || config->readBoolEntry("X-KDE-SubstituteUID")) { int space = m_strExec.find(" "); if (space==-1) m_strExec = TDEStandardDirs::findExe(m_strExec); @@ -710,8 +710,17 @@ KService::List KService::allInitServices() } bool KService::substituteUid() const { - TQVariant v = property("X-TDE-SubstituteUID", TQVariant::Bool); - return v.isValid() && v.toBool(); + bool suid = false; + TQVariant v; + v = property("X-TDE-SubstituteUID", TQVariant::Bool); + if (v.isValid()) { + if (v.toBool()) suid = true; + } + v = property("X-KDE-SubstituteUID", TQVariant::Bool); + if (v.isValid()) { + if (v.toBool()) suid = true; + } + return suid; } TQString KService::username() const {