View Issue Details

IDProjectCategoryView StatusLast Update
0004453Kali Linux[All Projects] Kali Package Bugpublic2018-11-08 15:24
ReporterDario_AlejandroAssigned Torhertzog 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version2017.3 
Target VersionFixed in Version2018.4 
Summary0004453: Dolphin, kate and kwrite do not work on kde kali builds after latest update, error "Executing Dolphin as root is not possible"
Descriptionkde upstream maintainers have explicitly disabled root access for dolphin, kate, and kwrite. For a build of kali with a kde desktop, this renders the entire installation almost useless, as kali is built for root access. Problem manifests after running apt-get upgrade with dolphin, kate, and kwrite upgraded to version 4:17.08.3-1.
Steps To Reproduce1) On a kde kali build run apt-get update && apt-get upgrade -y.
2) Try to start Dolphin, kate or kwrite from GUI-- no response
2) Run from terminal /usr/bin/dolphin and receive response "Executing Dolphin as root is not possible". Program exits.
Additional InformationOther distributions, notably OpenSuSe have reverted the commit that causes the problem and incorporated the patched version into their repos. The patches are already publicly available. I suggest doing the same for kali as root access is a fundamental part of using a kali distro.

Relationships

related to 0004625 closed kali Linux Kde 64 bit,The dolphin file manager can not open in VMWare 

Activities

roadkill

2018-01-23 15:55

reporter   ~0007858

This issue is because of two upstream changes,

Dolphin
https://cgit.kde.org/dolphin.git/commit/?id=0bdd8e0b0516555c6233fdc7901e9b417cf89

Kate and Kwrite
https://cgit.kde.org/kate.git/patch/?id=9adcebd3c2e476c8a32e9b455cc99f46b0e12a7e

roadkill

2018-01-23 15:55

reporter  

dolphin-as-root-0bdd8e0b0516555c6233fdc7901e9b417cf89791.patch.txt (1,245 bytes)
From 0bdd8e0b0516555c6233fdc7901e9b417cf89791 Mon Sep 17 00:00:00 2001
From: Emmanuel Pescosta <emmanuelpescosta099@gmail.com>
Date: Sun, 19 Feb 2017 02:32:48 +0100
Subject: Disallow executing Dolphin as root on Linux
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Basically a copy of commit kate/9adcebd3c2e476c8a32e9b455cc99f46b0e12a7e which was
written by Martin Grässlin.
---
 src/main.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/main.cpp b/src/main.cpp
index acba8da..789a529 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -35,8 +35,21 @@
 #include <KLocalizedString>
 #include <Kdelibs4ConfigMigrator>
 
+#ifndef Q_OS_WIN
+#include <unistd.h>
+#endif
+#include <iostream>
+
 extern "C" Q_DECL_EXPORT int kdemain(int argc, char **argv)
 {
+#ifndef Q_OS_WIN
+    // Check whether we are running as root
+    if (getuid() == 0) {
+        std::cout << "Executing Dolphin as root is not possible." << std::endl;
+        return EXIT_FAILURE;
+    }
+#endif
+
     QApplication app(argc, argv);
     app.setAttribute(Qt::AA_UseHighDpiPixmaps, true);
     app.setWindowIcon(QIcon::fromTheme(QStringLiteral("system-file-manager"), app.windowIcon()));
-- 
cgit v0.11.2

roadkill

2018-01-23 15:56

reporter  

kate-as-root-9adcebd3c2e476c8a32e9b455cc99f46b0e12a7e.patch.txt (3,818 bytes)
From 9adcebd3c2e476c8a32e9b455cc99f46b0e12a7e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Gr=C3=A4=C3=9Flin?= <mgraesslin@kde.org>
Date: Thu, 16 Feb 2017 18:00:09 +0100
Subject: Disallow executing kate and kwrite as root on Linux

Summary:
Running GUI applications as root is a huge security risk. Especially
the X server is not secured for that. Non-root applications can easily
interact with a root running application and thus try to exploit simple
bugs in either kate/kwrite itself or in the underlying libraries such
as Qt, XLib or xcb.

In addition kate can be abused to just open the konsole window and any
command can be entered using the XTest extension. This was demonstrated
for dolphin in [1]. The application itself cannot do anything to protect
against it.

On Wayland the situation can be considered worse as the compositor is
running as the normal user and is not protected to handle root windows.
It can be rather trivial to attack the root running application from the
compositor through interfaces such as scripting. This is not in the aim
of the compositors to protect against.

The common use case why users start editors as root is to edit root
owned files. This is a valid use case, but there is no need to run the
application as root. Instead one can use sudoedit to run the application
as user and still be able to edit as root.

This change introduces a check whether the application is started as
root before any interaction with X or Wayland happens, that is prior to
creating the QApplication. If it is detected that we run as root, we
exit and print an information about how to properly edit an application
in kwrite/kate as root. The text is deliberatly not translated to keep
the threat from running as root as low as possible.

The output is:
martin@martin-desktop: ~ $ sudo /opt/kf5/bin/kate
Executing Kate as root is not possible. To edit files as root use:
SUDO_EDITOR=kate sudoedit <file>
martin@martin-desktop: ~ $ sudo /opt/kf5/bin/kwrite
Executing Kate as root is not possible. To edit files as root use:
SUDO_EDITOR=kwrite sudoedit <file>

[1] http://git.net/ml/kwrite-devel/2016-01/msg00011.html

Test Plan: See output

Reviewers: #kate

Subscribers: kwrite-devel

Differential Revision: https://phabricator.kde.org/D4634
---
 kate/main.cpp   | 15 +++++++++++++++
 kwrite/main.cpp | 15 +++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/kate/main.cpp b/kate/main.cpp
index 5895bee..9fcda33 100644
--- a/kate/main.cpp
+++ b/kate/main.cpp
@@ -51,9 +51,24 @@
 #include "qtsingleapplication/qtsingleapplication.h"
 #endif
 
+#ifndef Q_OS_WIN
+#include <unistd.h>
+#endif
+#include <iostream>
+
 
 int main(int argc, char **argv)
 {
+#ifndef Q_OS_WIN
+    /**
+     * Check whether we are running as root
+     **/
+    if (getuid() == 0) {
+        std::cout << "Executing Kate as root is not possible. To edit files as root use:" << std::endl;
+        std::cout << "SUDO_EDITOR=kate sudoedit <file>" << std::endl;
+        return 0;
+    }
+#endif
     /**
      * init resources from our static lib
      */
diff --git a/kwrite/main.cpp b/kwrite/main.cpp
index a8ed025..4787fed 100644
--- a/kwrite/main.cpp
+++ b/kwrite/main.cpp
@@ -42,8 +42,23 @@
 
 #include "../urlinfo.h"
 
+#ifndef Q_OS_WIN
+#include <unistd.h>
+#endif
+#include <iostream>
+
 extern "C" Q_DECL_EXPORT int main(int argc, char **argv)
 {
+#ifndef Q_OS_WIN
+    /**
+     * Check whether we are running as root
+     **/
+    if (getuid() == 0) {
+        std::cout << "Executing Kwrite as root is not possible. To edit files as root use:" << std::endl;
+        std::cout << "SUDO_EDITOR=kwrite sudoedit <file>" << std::endl;
+        return 0;
+    }
+#endif
     /**
      * Create application first
      * Enforce application name even if the executable is renamed
-- 
cgit v0.11.2

lega99

2018-09-01 08:53

reporter   ~0009572

Dolphim must manually be compiled and extracted from the source lines for bans to work in root mode. Nate Graham <nate@kde.org> refuses to make a custom version for Kali. The same problem exists for Kate and Kwrite

lega99

2018-09-01 08:55

reporter   ~0009573

Patch file are outdated

rhertzog

2018-11-08 15:19

administrator   ~0009934

I believe that this problem is gone in recent versions:
https://cgit.kde.org/dolphin.git/commit/?id=40453cb627a39f1ff92373f865426f0bcdc83419
https://cgit.kde.org/kate.git/commit/?id=bf6d5b7532968763bdc629aa90426c53500af13f

Now you can run them as root in a root session, but you can't run them as root from a non-root session (they forbid usage of sudo and kdesu through check of their respective environment variable).

Issue History

Date Modified Username Field Change
2018-01-02 05:48 Dario_Alejandro New Issue
2018-01-23 15:55 roadkill Note Added: 0007858
2018-01-23 15:55 roadkill File Added: dolphin-as-root-0bdd8e0b0516555c6233fdc7901e9b417cf89791.patch.txt
2018-01-23 15:56 roadkill File Added: kate-as-root-9adcebd3c2e476c8a32e9b455cc99f46b0e12a7e.patch.txt
2018-02-21 09:50 g0tmi1k Category Kali Package Bug => General Bug
2018-05-08 07:42 g0tmi1k Category General Bug => Kali Package Bug
2018-06-08 16:02 g0tmi1k Severity major => minor
2018-09-01 08:53 lega99 Note Added: 0009572
2018-09-01 08:55 lega99 Note Added: 0009573
2018-09-12 07:31 g0tmi1k Relationship added related to 0004625
2018-10-30 11:05 g0tmi1k Assigned To => rhertzog
2018-10-30 11:05 g0tmi1k Status new => assigned
2018-11-08 15:19 rhertzog Note Added: 0009934
2018-11-08 15:24 rhertzog Status assigned => resolved
2018-11-08 15:24 rhertzog Resolution open => fixed
2018-11-08 15:24 rhertzog Fixed in Version => 2018.4