KIO
worker.cpp
174 // When on a thread, delete in a thread to prevent deadlocks between the main thread and the worker thread.
175 // This most notably can happen when the worker thread uses QDBus, because traffic will generally be routed
177 // Generally speaking we'd want to avoid waiting in the main thread anyway, the worker stopping isn't really
186 delete this; // yes it reads funny, but it's too late for a deleteLater() here, no event loop anymore
281 qCDebug(KIO_CORE) << "killing worker process pid" << m_pid << "(" << m_protocol + QLatin1String("://") + m_host << ")";
285 qCDebug(KIO_CORE) << "aborting worker thread for " << m_protocol + QLatin1String("://") + m_host;
291void Worker::setHost(const QString &host, quint16 port, const QString &user, const QString &passwd)
318 * @returns true if the worker should not be created because it would insecurely ask users for a password.
319 * false is returned when the worker is either safe because only the root user can write to it, or if this kio binary is already not secure.
321bool isWorkerSecurityCompromised(const QString &workerPath, const QString &protocolName, int &error, QString &error_text)
328 return file.ownerId() == 0 && (file.groupId() == 0 || !file.permission(QFileDevice::WriteGroup)) && !file.permission(QFileDevice::WriteOther);
334 // The worker can be modified by non-privileged processes! If it ever asks for elevated privileges, this could lead to a privilege escalation!
335 // We will only let this slide if we are e.g. in a development environment. In a development environment the binaries are not system-installed,
336 // so this KIO library itself would also be writable by non-privileged processes. We check if this KIO library is safe from unprivileged tampering.
337 // If it is not, the security is already compromised anyway, so we ignore that the security of the worker binary is compromised as well.
341 const QFileInfoList kioBinariesAndSymlinks = folderOfKioBinary.entryInfoList({QLatin1String{"*KIOCore.so*"}}, QDir::Files);
345 break; // As long as there is at least one library which appears to be secure, we assume that the whole execution is supposed to be secure.
348 // We have found a library that is compromised. We continue searching in case this library was only placed here to circumvent this security check.
352 "The security of the KIO worker for protocol ’%1’, which typically asks for elevated permissions, "
361 // Both KIO as well as the worker can be written to by non-root objects, so there is no protection against these binaries being compromised.
362 // Notwithstanding, we let everything continue as normal because we assume this is a development environment.
368Worker *Worker::createWorker(const QString &protocol, const QUrl &url, int &error, QString &error_text)
397 if (protocol == QLatin1String("admin") && isWorkerSecurityCompromised(lib_path, protocol, error, error_text)) {
404 error_text = i18n("Can not create a socket for launching a KIO worker for protocol '%1'.", protocol);
431 // qDebug() << "kioworker" << ", " << lib_path << ", " << protocol << ", " << QString() << ", " << workerAddress;
435 searchPaths.append(QFile::decodeName(KDE_INSTALL_FULL_LIBEXECDIR_KF)); // look at our installation location
436 QString kioworkerExecutable = QStandardPaths::findExecutable(QStringLiteral("kioworker"), searchPaths);
444 error_text = i18n("Can not find 'kioworker' executable at '%1'", searchPaths.join(QLatin1String(", ")));
MetaData is a simple map of key/value strings.
A simple job (one url and one command).
bool suspend()
static QString exec(const QString &protocol)
Returns the library / executable to open for the protocol protocol Example : "kio_ftp",...
Definition kprotocolinfo.cpp:211
QString i18nc(const char *context, const char *text, const TYPE &arg...)
QString i18n(const char *text, const TYPE &arg...)
QString path(const QString &relativePath)
QStringList kdeFrameworksPaths(const QString &relativePath)
void error(QWidget *parent, const QString &text, const QString &title, const KGuiItem &buttonOk, Options options=Notify)
Files
QFileInfoList entryInfoList(Filters filters, SortFlags sort) const const
QString decodeName(const QByteArray &localFileName)
WriteGroup
WriteOnly
void append(QList< T > &&value)
void deleteLater()
void setArguments(const QStringList &arguments)
void setProgram(const QString &program)
void setUnixProcessParameters(UnixProcessFlags flagsOnly)
bool startDetached(const QString &program, const QStringList &arguments, const QString &workingDirectory, qint64 *pid)
QString findExecutable(const QString &executableName, const QStringList &paths)
bool isEmpty() const const
QByteArray toLocal8Bit() const const
QString join(QChar separator) const const
QFuture< ArgsType< Signal > > connect(Sender *sender, Signal signal)
void finished()
singleShot
bool isEmpty() const const
QString toString(FormattingOptions options) const const
This file is part of the KDE documentation.
Documentation copyright © 1996-2024 The KDE developers.
Generated on Sat Dec 21 2024 16:58:45 by doxygen 1.12.0 written by Dimitri van Heesch, © 1997-2006
Documentation copyright © 1996-2024 The KDE developers.
Generated on Sat Dec 21 2024 16:58:45 by doxygen 1.12.0 written by Dimitri van Heesch, © 1997-2006
KDE's Doxygen guidelines are available online.