On 04/12/18 16:37, Smits Katze wrote:
> Background: I want to sandbox KDE apps and need to understand better how
> KIO works.
>
> My current level of understanding is that apps ask klauncher/kdeinit for
> a KIO slave if they need one. Then either kdeinit spawns a new slave
> process, or there is already an idle slave and it is reused. Idle slaves
> kill themselves after a couple of minutes if no request is coming in.
> Communication between the slave and the app happens via a socket,
> usually to find in /run/user/$UID.
>
> The question is if, or rather when, it is possible to shortcut this
> process.
You can bypass klauncher/kdeinit by exporting the KDE_FORK_SLAVES
environment variable set to 1. Then the applications will spawn the
ioslave process on their own.
Not sure if this actually helps you, though.
> Do slaves, especially idle ones, accept commands issued by
> third programs via these sockets? Try to take the perspective of an
> evil-minded adversary.
>
> Thank you very much!
Cheers,
Elvis
