Ubuntu
kate package

Kate can overwrite files without prompting in directories it shouldn't be able to access

Bug #2016063 reported by Jochen Schnelle
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
kate (Ubuntu)
New
Undecided
Unassigned

Bug Description

The following is observed on a fresh Kubuntu 22.04.2 LTS installation. Kate can override files without prompting even if the file shouldn't be accessible to Kate if the full path to the file is given calling kate from the terminal.

For example: calling `kate /var/lib/polkit-1/localauthority/10-vendor.d/fwupd.pkla` from a Terminal opens a blank editor window. After entering some text and pressing "Save", Kate will prompt for the password (correct behavior) - but then will override the existing file `fwupd.pkla` without prompting that the file already exists.
Furthermore, Kate shouldn't even be able to file without Root-Permissions, as the directory `/var/lib/polkit-1` has permissions 700 set.

Maybe this bug is not directly related to Kate but the PolicyKit implementation of (K)Ubuntu?

Tags: kde polkit
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.