https://bugs.kde.org/show_bug.cgi?id=179678
--- Comment #35 from Bo Weaver <b...@boweaver.com> --- (In reply to Nate Graham from comment #34) Thanks for the reply Nate. Your reply does answer some questions and your reply is more open to discussion instead of just WONTFIX. thank you. > Bo, you're not really arguing against a decision made here, but rather > against the whole direction that our industry is going in. As has been > mentioned, Wayland disallows running GUI apps as root. As a penetration > tester, this may make your life more difficult, but you're not the user that > the Wayland folks are targeting. I didn't know that about Wayland. True I don't stay on top of desktop coding I'm a pen tester I just "use" the desktop. You are right for pen testing I guess this means going back to 1970 and not even install a desktop. Yes the way the industry it appears is everything will be a phone one day. What about those of us that need a REAL computing system? We're not all lusers. I don't even own a smart phone for this reason. > They are trying to make computers more > secure for ordinary users (who have difficulty with the concepts we're > discussing), not more convenient for security researchers. I would recommend > you take your case to the Wayland folks, though I doubt you'll get very far > because this is an architectural design decision that doesn't really seem > open for debate. I know that is the party line about ordinary users, but this isn't the case I have seen in the "real world". I have a lot of friends that now use Linux because of me. Normal people truck drivers, Ironworkers, 83 year old Grandmothers. People you have no clue on how it all works and they don't care they use want it to work and it works fine for them. They never need to go into root. Lately most distros the root account is locked its there but locked and can be easily unlocked if needed. This works fine and is secure. When sometime breaks they call me and I do the root work. I know what you are saying about the Wayland team is true from what I have followed about Wayland on the net they do have their head up their a_s and it is their way of the highway. Much like systemd got crammed down our throats. At least they didn't cut out root access to systemd. This is the real problem here developers are always trying to fix non-problems and think they know better than the actual users. Gnome totally destroyed their desktop with thinking like this. I wonder how any developers on this team use Macs or other systems to write code everyday? Does everyone use KDE for their day to day computing? I do. Question here: Gnome runs on Wayland yet their file manager and text editor work just fine with the desktop running under root. Kali's default desktop is Gnome and Kali is set up to run under root. So why not KDE? > > Instead, you're in the same boat we are: given that currently (or in the > near future), we won't be able to open GUI apps as root, how can we avoid > losing existing functionality? So far the answer seems to be PolKit > adoption, which lets you open apps using normal user permissions and only > request elevated permissions when necessary. Again this isn't really our > decision; the world evolves and we need to evolve along with it or else our > software will stop working. > > > Well it seems that you all screwing with KIO broke kate so why report it to > > the > > kate team? BTW what you said about opening a root owned file is wrong. > > Kate > > will not open AT ALL under root. you said I can see the file how?? Kate > > won't > > even open. It doesn't "work like a charm" it doesn't work AT ALL. > > You don't open Kate as root anymore. You open it with normal permissions and > edit your root-owned file, either by opening it with the File > Open dialog, > or via `kate /path/to/root/owned/file.txt`. When you save, you should get > prompted for credentials to complete the save operation. I'm running IN root. 3 days ago Kate worked just fine under root after an update 2 days ago it will not open at all. I'm not attempting a sudo action. I am root. > > Both of those use cases work for me with KDE Frameworks 5.40 and Kate 17.12, > and they have worked for quite a while. If either of those use cases do not > work for you, please let us know. No this doesn't work and this does breaks the consecpt of root access. Root is to have FULL access to everything. This means a file manager or a text editor or any other application or process. In engineering we have a saying "If it ain't broke don't f_ck with it". I think you developers should take heed to that. A security note here. as someone who hacks Linux system regularly. This is a security non-issue. I've hacked 1000's of machines and have yet to use an X11 exploit to gain root access their are too many other and easier ways to gain this access. Most Linux machines I have pwned don't even have a GUI. So all this chaos and breaking access to a file manager and a text editor for "security" is just plain wrong. You have "fixed" nothing and broken access. Nate I really hate coming down on you all I've used KDE since the 90's and thank you for a wonderful desktop for all those years. It will really make me cry to leave but I have to have a usable desktop to make a living. KDE has always been great because it catered to the more advanced user like me. Please understand there is a lot of gratitude behind these words also for your desktop. I just begging please don't f_ck it up. When I'm logged in as root give me FULL access to everything and if I do bork my machine because I did something stupid I will blame myself and not you guys. Thanks again for your reply. -- You are receiving this mail because: You are watching all bug changes.
