Bugzilla – Bug 1217190
AUDIT-WHITELIST: kwalletmanager: changes to D-Bus service?
Last modified: 2024-02-16 11:40:43 UTC
+++ This bug was initially created as a clone of Bug #1217076 Sub bug for a bunch of new D-Bus services in KDE6. Package is found in KDE:Unstable:Applications/kwalletmanager. kwalletmanager.x86_64: E: dbus-file-unauthorized (Badness: 10) /usr/share/dbus-1/system-services/org.kde.kcontrol.kcmkwallet5.service kwalletmanager.x86_64: E: dbus-file-unauthorized (Badness: 10) /usr/share/dbus-1/system.d/org.kde.kcontrol.kcmkwallet5.conf It's unclear why these errors occur, these services have basically already been whitelisted, but maybe I'm missing something.
I will pickup this one.
kdewalletmanager: the code is almost here to design and manage UI. Not too much business logic or interesting code so far. No issues at the moment
Closing the AUDIT
Reopening since we need this bug for tracking the whitelisting. This package throws rpmlint badness, because the RPM has been renamed from kwalletmanager5 to kwalletmanager. Otherwise nothing changed in the whitelisted D-Bus files or Polkit actions. The actual Kauth privileged component is the "savehelper.cpp" which actually does nothing: ``` ActionReply SaveHelper::save(const QVariantMap &args) { Q_UNUSED(args); const qint64 uid = QCoreApplication::applicationPid(); qDebug() << "executing uid=" << uid; return ActionReply::SuccessReply(); } ``` @christophe: can you please reach out to upstream and ask them to simply drop unused D-Bus / Kauth helpers and Polkit actions? This would make all our lives easier. Thanks.
(In reply to Matthias Gerstner from comment #4) > > @christophe: can you please reach out to upstream and ask them to simply drop > unused D-Bus / Kauth helpers and Polkit actions? This would make all our > lives > easier. Thanks. Done: https://invent.kde.org/utilities/kwalletmanager/-/issues/4
The explanation for the existence of this helper in the upstream issue mentioned in comment 5 is not very convincing. I really don't want to whitelist such code. If upstream doesn't want to drop this then You can patch out the helper and the client code invoking it. This is not adding to security, it is only increasing complexity.
(In reply to Matthias Gerstner from comment #6) > I really don't want to whitelist such code. If upstream doesn't want to drop > this then You can patch out the helper and the client code invoking it. This > is not adding to security, it is only increasing complexity. I'm working on it. https://build.opensuse.org/request/show/1146930 drops the kauth usage.
done, should we close the bug with RESOLVED/WONTFIX?
(In reply to christophe@krop.fr from comment #8) > done, should we close the bug with RESOLVED/WONTFIX? Well, you already did it, but it's all right with me. Maybe you add some clarification to the patch. It now sounds like we're disabling a security feature without giving any reasoning. The reasoning is that the KAuth helper is useless and does not add to security. If upstream KDE really worries about this strange scenario then they could just as well run something like `sudo -U $USERNAME true` and achieve the same result without shipping a fake kauth service helper and routing all of this through D-Bus for nothing.
(In reply to Matthias Gerstner from comment #9) > Maybe you add some clarification to the patch. It now sounds like we're > disabling a security feature without giving any reasoning. The reasoning is > that the KAuth helper is useless and does not add to security. > done