Honor application suid requests even if they are directed at KDE

4 files changed, 35 insertions, 6 deletions

diff --git a/tdecore/kdesktopfile.cpp b/tdecore/kdesktopfile.cpp
index b385eeb18..9798a1ff2 100644
--- a/tdecore/kdesktopfile.cpp
+++ b/tdecore/kdesktopfile.cpp
@@ -310,7 +310,7 @@ bool KDesktopFile::tryExec() const
            return false;
      }
   }
-  
+
   // See also KService::username()
   bool su = readBoolEntry("X-TDE-SubstituteUID");
   if (su)
@@ -323,7 +323,21 @@ bool KDesktopFile::tryExec() const
       if (!kapp->authorize("user/"+user))
         return false;
   }
-  
+  else {
+      // Respect KDE su request if present
+      su = readBoolEntry("X-KDE-SubstituteUID");
+      if (su)
+      {
+          TQString user = readEntry("X-KDE-Username");
+          if (user.isEmpty())
+            user = ::getenv("ADMIN_ACCOUNT");
+          if (user.isEmpty())
+            user = "root";
+          if (!kapp->authorize("user/"+user))
+            return false;
+      }
+  }
+
   return true;
 }
 
diff --git a/tdeio/application.desktop b/tdeio/application.desktop
index d9e9fc3c2..d45e49578 100644
--- a/tdeio/application.desktop
+++ b/tdeio/application.desktop
@@ -98,6 +98,12 @@ Type=bool
 [PropertyDef::X-TDE-Username]
 Type=TQString
 
+[PropertyDef::X-KDE-SubstituteUID]
+Type=bool
+
+[PropertyDef::X-KDE-Username]
+Type=TQString
+
 [PropertyDef::StartupWMClass]
 Type=TQString
 
diff --git a/tdeio/tdefile/kpropertiesdialog.cpp b/tdeio/tdefile/kpropertiesdialog.cpp
index 87d3926b3..bece689ca 100644
--- a/tdeio/tdefile/kpropertiesdialog.cpp
+++ b/tdeio/tdefile/kpropertiesdialog.cpp
@@ -3154,7 +3154,7 @@ KDesktopPropsPlugin::KDesktopPropsPlugin( KPropertiesDialog *_props )
   TQString pathStr = config.readPathEntry( "Path" );
   m_terminalBool = config.readBoolEntry( "Terminal" );
   m_terminalOptionStr = config.readEntry( "TerminalOptions" );
-  m_suidBool = config.readBoolEntry( "X-TDE-SubstituteUID" );
+  m_suidBool = config.readBoolEntry( "X-TDE-SubstituteUID" ) || config.readBoolEntry( "X-KDE-SubstituteUID" );
   m_suidUserStr = config.readEntry( "X-TDE-Username" );
   if( config.hasKey( "StartupNotify" ))
     m_startupBool = config.readBoolEntry( "StartupNotify", true );
diff --git a/tdeio/tdeio/kservice.cpp b/tdeio/tdeio/kservice.cpp
index 5ccb9f33c..14eb172d5 100644
--- a/tdeio/tdeio/kservice.cpp
+++ b/tdeio/tdeio/kservice.cpp
@@ -206,7 +206,7 @@ KService::init( KDesktopFile *config )
   m_strExec = config->readPathEntry( "Exec" );
   if (kde4application && !m_strExec.startsWith("/")) {
     m_strExec = "XDG_DATA_DIRS=" + kde4applicationprefix + "/share XDG_CONFIG_DIRS=/etc/xdg/ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:$PATH "+m_strExec;
-  } else if (config->readBoolEntry("X-TDE-SubstituteUID")) {
+  } else if (config->readBoolEntry("X-TDE-SubstituteUID") || config->readBoolEntry("X-KDE-SubstituteUID")) {
     int space = m_strExec.find(" ");
     if (space==-1)
       m_strExec = TDEStandardDirs::findExe(m_strExec);
@@ -710,8 +710,17 @@ KService::List KService::allInitServices()
 }
 
 bool KService::substituteUid() const {
-  TQVariant v = property("X-TDE-SubstituteUID", TQVariant::Bool);
-  return v.isValid() && v.toBool();
+  bool suid = false;
+  TQVariant v;
+  v = property("X-TDE-SubstituteUID", TQVariant::Bool);
+  if (v.isValid()) {
+    if (v.toBool()) suid = true;
+  }
+  v = property("X-KDE-SubstituteUID", TQVariant::Bool);
+  if (v.isValid()) {
+    if (v.toBool()) suid = true;
+  }
+  return suid;
 }
 
 TQString KService::username() const {