Mailinglist Archive: opensuse-bugs (4724 mails)

< Previous Next >
[Bug 450203] [KDE 4.3] File Manager - Super User Mode can't launch KWrite
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Wed, 7 Apr 2010 11:02:05 +0000
  • Message-id: <20100407110205.B51F7245467@xxxxxxxxxxxxxxxxxxxxxx>
http://bugzilla.novell.com/show_bug.cgi?id=450203

http://bugzilla.novell.com/show_bug.cgi?id=450203#c31


--- Comment #31 from Geoff Farrell <gfarrell@xxxxxxxxxxxxxxx> 2010-04-07
11:02:01 UTC ---
As I said: it might be a _workaround_ on systems with only trusted users
(or just one user at all ;-)
xhost +local should never be a default setting, and I'm quite sure the
security team will tell you the same if you ask them.

That seems entirely reasonable. It remains to see how we can get Dolphin (and
Konqueror) to launch applications such as KWrite, Kate, etc without running
afoul of this X-server display problem.

If I launch Konqueror in Super User Mode and select Tools-> Execute Shell
Command, then enter:

[code]
export XAUTHORITY=/home/$USER/.Xauthority; kate filename
[/code]

'filename' is opened in Kate without any X-server display errors. (I couldn't
find a way for Dolphin to execute Kate from within.) Without the 'export'
command, Konqueror usually produces this error:

No protocol specified
kate: cannot connect to X server :0.0

The fix would seem to be to make the 'Open With' function run the 'export
XAUTHORITY=/home/$USER/.Xauthority' command before executing the 'Open With'
application. This method should satisfy security concerns, as only the person
with the root password will ever get to execute this function. This authority
is not persistent, as any subsequent attempt to 'Open With' Kate without the
'export' command fails in the normal manner. This suggests that the authority
to operate in the user's display ceases when the application is closed. That's
to be expected, as the exported $XAUTHORITY value dies when the shell closes.

This method also works when launching Kate through an 'Open With' function
within Konqueror that's running as a normal user. That means that any changes
introduced into Konqueror (or Dolphin) to cater for fixing the problem while
running as root, shouldn't upset normal operation when running as a normal
user.

This issue has to be solvable. Konsole, for example, in Super User mode, has no
trouble launching 'kate filename'. It doesn't experience this problem. Yet,
like Dolphin (and Konqueror) Super User Mode, it is an application running with
elevated root privileges in the user's X-server display.

--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >