[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-release-team
Subject: Fwd: Re: Security issue in 4.2
From: Tom Albers <tomalbers () kde ! nl>
Date: 2009-01-25 18:00:55
Message-ID: 4503280.9LVa4FZGbI () kde ! nl
[Download RAW message or body]
forward per request of Chani.
Toma
Op Sunday 25 January 2009 18:57 schreef Chani <chanika@gmail.com>:
> [sending again - the mail doesn't seem to have reached the list, nor have I
> gotten an "awaiting moderation" message]
>
> please cc me, I'm not subscribed.
>
> the problem is a bugfix gone awry that exposes a way to get a filedialog on the
> screensaver whenever widgets are turned on.
>
> the good news is, widgets are disabled by default, so this only affects people
> who enable them.
>
> however, this bug changes widgets from "secure if you think before adding
> plasmoids" to "not secure, period" - and there's no warning when you enable
> them.
>
> the attached patch, committed in revision 916332, fixes it.
>
> --
> This message brought to you by eevil bananas and the number 3.
> www.chani3.com
["fix.diff" (text/x-diff)]
Index: containment.cpp
===================================================================
--- containment.cpp (revision 916284)
+++ containment.cpp (working copy)
@@ -1602,12 +1602,10 @@
}
bool canConfig = unlocked || KAuthorized::authorize("PlasmaAllowConfigureWhenLocked");
- if (canConfig) {
- action = actions().action("activity settings");
- if (action) {
- action->setVisible(canConfig);
- action->setEnabled(canConfig);
- }
+ action = actions().action("activity settings");
+ if (action) {
+ action->setVisible(canConfig);
+ action->setEnabled(canConfig);
}
// tell the applets too
["signature.asc" (text/plain)]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEABECAAYFAkl8qCcACgkQeGbAwpIS3GxR2ACfZQMCSxWkbwXpLALiglBHG0v7
2nEAnjObT/zsb4JFF9M4YZQvPa7rjCx9
=o9UE
-----END PGP SIGNATURE-----
_______________________________________________
release-team mailing list
release-team@kde.org
https://mail.kde.org/mailman/listinfo/release-team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic