Bugzilla – Bug 1217185
AUDIT-WHITELIST: plasma6-disks: new revision of D-Bus interface org.kde.kded.smart.service
Last modified: 2024-02-21 14:46:41 UTC
+++ This bug was initially created as a clone of Bug #1217076 Sub bug for a bunch of new D-Bus interfaces in KDE6. Package is found in KDE:Unstable:Frameworks/plasma6-disks. plasma6-disks.x86_64: E: dbus-file-unauthorized (Badness: 10) /usr/share/dbus-1/system.d/org.kde.kded.smart.conf plasma6-disks.x86_64: E: dbus-file-unauthorized (Badness: 10) /usr/share/dbus-1/system-services/org.kde.kded.smart.service
I will also look into this KDE6 component since it is rather small and I need something that integrates kauth to look into to complete bug 1217178 for the kauth framework review.
This kauth helper only implements a single action for invoking smartctl on block devices. We managed to get this code into shape already during the initial review in bug 1176742. Not too much has changed since, mostly a bit of FreeBSD compatibility. The degrees of freedom of the interfaces are very limited now, only the basename of the block device in /dev is specified. The code blocks any slashes / found in the input string, then performs an lstat() on the device in /dev and checks that it is actually a block device that is owned by root. There's not much else one can do to tighten this. The upstream Git commit I looked into was 3ecee8bbc47ad1446f1f851a6f4929c67c0a7a3d. I'm turning this into a WHITELISTING tracker and we will revisit once the KDE6 release is becoming more tangible to look into additional changes upstream may do until then.
The package to be submitted is now found in KDE:Frameworks/plasma6-disks and uses version v5.93.0. The changes since the review are only noise so the whitelisting can now happen.
The whitelisting is in Factory now. Closing as fixed.