Re: Suggestion to Remove KFloppy and hold back K3b
- Date: Wed, 15 Feb 2017 22:21:19 +0100
- From: Martin Gräßlin <mgraesslin@xxxxxxx>
- Subject: Re: Suggestion to Remove KFloppy and hold back K3b
Am 2017-02-15 19:50, schrieb Wolfgang Bauer:
On 11 February 2017 at 13:44, Jonathan Riddell <jr@xxxxxxxxxxxx> wrote:
I recommend KFloppy be removed from Applications releases. It
couldn't find my floppy drive and when I hacked the code to tell it
where to look it depended on an external tool fdformat which didn't
KFloppy and fdformat work fine here in openSUSE, I do use it regularly
an internal floppy drive).
And as the current maintainer, I'd prefer to (try to) fix problems
having it dropped.
I'm a bit surprised that in the test the floppy drive showed up as
though, mine always have been and still are at /dev/fd0...
I suppose that was an external one?
Not sure how to fix that then, it supposedly can be a random
There is a (somewhat "hidden") feature though to use any device you
enter it into the text field (this is mentioned in the documentation,
rather old feature already and intended to be able to format USB sticks
or other unpartitioned devices).
It would definitely be possible to list all /dev/sdX devices in the
too, but that may be dangerous and cause data loss without any further
that it is really a floppy drive (or USB stick).
I have to think about that one.
I am aware of one particular problem related to permissions though:
Normally the device can only be accessed by members of the group "disk"
"floppy"), but modern distributions tend to not add users to these
You'd have to add the user to the appropriate group manually to make
and fdformat work, or run KFloppy as root.
Not great, I agree.
Actually I was thinking about this problem recently though.
The error message could definitely be improved.
And one "solution" would probably be to make KFloppy offer to restart
as root (if it detects insufficient permissions) like partitionmanager
Please do not consider starting a GUI application as root a possibility.
Starting a root process which connects to X server means a possible
instant owning! This is the easiest way to get a root exploit. I wrote
one against dolphin running as root last year, you can find it in my
scratch repo on git.kde.org
If users actually run KFloppy as root, please make sure that it is not
possible! Please add a check prior (!) to the creation of
Q(Gui)Application and terminate if it is run as root. It's important to
do the check prior to creating Q(Gui)Application as the ctor performs
the connection to XServer and afterwards it might be too late.
The only viable solution is using KAuth. If this doesn't work for
KFloppy, then I would agree that for security reasons we need to declare
it as eol.
I consider this as highly important! We need to get away from running
GUI applications as root. It's insecure, it's dangerous and broken (yes,
a root app has problems to connect to a user Display server, such as
rootless-X11 or Wayland). We as a community need to stop recommending
this. We need to make sure that applications which users might run as
root just exit with a warning.
Martin, the broken "you shall not run X11 apps as root"-record