-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/117125/
-----------------------------------------------------------

(Updated April 7, 2014, 7:05 p.m.)


Review request for KDE Frameworks and David Faure.


Changes
-------

Adjusted per Alex's suggestion.
@David, I've tried as advised, and it is working correctly, from what I can see.
Additionally, when I tried the old SUID routine, I got a nice warning (this was 
added to Qt recently, IIRC):
FATAL: The application binary appears to be running setuid, this is a security 
hole.
kdeinit5: Communication error with launcher. Exiting!


Bugs: https://bugzilla.novell.com/show_bug.cgi?id=862953
    


Repository: kinit


Description
-------

The issue came up during a security review of the kinit package (yes, the same 
is valid for kdelibs4...).
The SUSE security team is not happy with kdeinit being a SUID helper, thus 
capabilities are utilized first (if available).
I've just tried to integrate the suggested patch (from the report) with the 
CMake bits.


Diffs (updated)
-----

  CMakeLists.txt 8bd43d8 
  cmake/FindLibcap.cmake PRE-CREATION 
  src/config-kdeinit.h.cmake c89c713 
  src/start_kdeinit/CMakeLists.txt 6bfc496 
  src/start_kdeinit/start_kdeinit.c 3c733e7 

Diff: https://git.reviewboard.kde.org/r/117125/diff/


Testing
-------

Built:
with setcap & libcap present - installed as advertised;
without one/both of them - the old procedure is in place (using SUID for the 
helper)

I am not sure how to test the OOM killer; fortunately it never kicked in with 
the kdelibs4 variant, so I also can't say whether it worked as planned before...


Thanks,

Hrvoje Senjan

_______________________________________________
Kde-frameworks-devel mailing list
Kde-frameworks-devel@kde.org
https://mail.kde.org/mailman/listinfo/kde-frameworks-devel
