fvogt added a comment.
Adding to Luca's comment, I also find two additional issues with this approach, it is absolutely impossible to make this secure. There is always a race condition between acquiring the privilege and renaming the file to the new location. Only solution for that is to pass the full file content to the helper (which would then give the user a checksum of the full document). Additional race condition is for new files: They are moved into the directory first and only after that the permissions are set. This is not the right approach, it needs to be done like: - Create empty file with the right permissions and owner in the new path - Rename temp file to the new path Therefore two more NAKs from me. REPOSITORY R39 KTextEditor REVISION DETAIL https://phabricator.kde.org/D4847 To: martinkostolny, dhaumann, #ktexteditor, dfaure Cc: fvogt, apol, dfaure, anthonyfieroni, cullmann, ltoscano, dhaumann, graesslin, davidedmundson, palant, kwrite-devel, #frameworks, head7, kfunk, sars
