Re: [QUESTION] KIO slave-socket shortcut - does it exist?
- Date: Tue, 04 Dec 2018 23:26:01 +0100
- From: Albert Astals Cid <aacid@xxxxxxx>
- Subject: Re: [QUESTION] KIO slave-socket shortcut - does it exist?
El dimarts, 4 de desembre de 2018, a les 16:37:34 CET, Smits Katze va escriure:
> Background: I want to sandbox KDE apps and need to understand better how
> KIO works.
> My current level of understanding is that apps ask klauncher/kdeinit for a
> KIO slave if they need one. Then either kdeinit spawns a new slave process,
> or there is already an idle slave and it is reused. Idle slaves kill
> themselves after a couple of minutes if no request is coming in.
> Communication between the slave and the app happens via a socket, usually
> to find in /run/user/$UID.
> The question is if, or rather when, it is possible to shortcut this
> process. Do slaves, especially idle ones, accept commands issued by third
> programs via these sockets? Try to take the perspective of an evil-minded
Do you mean this as a security issue?
> Thank you very much!