Kdesu Not Working?
When I try to execute the command kdesu dolphin or kdesudo dolphin nothing happens. I thought that this was the proper way to elevate graphical applications to temporary root privileges.
Am I doing something wrong? How can I elevate graphical application to super user level permissions?
sarah@ConvergentRefuge:~$ kdesu dolphin
kdesu: command not found
sarah@ConvergentRefuge:~$ kdesudo dolphin
kdesudo: command not found
permissions kubuntu 18.04
asked Jun 7 '18 at 4:54
Sarah SzaboSarah Szabo
401921
|
show 6 more comments
When I try to execute the command kdesu dolphin or kdesudo dolphin nothing happens. I thought that this was the proper way to elevate graphical applications to temporary root privileges.
Am I doing something wrong? How can I elevate graphical application to super user level permissions?
sarah@ConvergentRefuge:~$ kdesu dolphin
kdesu: command not found
sarah@ConvergentRefuge:~$ kdesudo dolphin
kdesudo: command not found
permissions kubuntu 18.04
asked Jun 7 '18 at 4:54
Sarah SzaboSarah Szabo
401921
I've noticed a curious thing about this. I'm running Kubuntu 18.04 and get the same results as you for kdesu and kdesudo, but if i type man kdesu i get the manual entry for kdesu as if it is installed. I wouldn't have expected a manual entry for a program that isn't available. kdesudo doesn't have a manual entry. I'll see what I can find out anyway.
– pHeLiOn
Jun 7 '18 at 5:20
Doessudo -H dolphinwork?
– pomsky
Jun 7 '18 at 5:25
I get Executing Dolphin as root is not possible. If specifically for Dolphin, I remembered that there is a Root option under Places - I'd hidden it already, but can right-click the Places section to 'Show All Entries'. Doesn't 'fix' kdesu but means you can run dolphin as root.
– pHeLiOn
Jun 7 '18 at 5:34
@pHeLiOn Fair point, I tried it with sudo, adn that didn't work, so I thought I would try it with kdesu. I've never tried that before.
– Sarah Szabo
Jun 7 '18 at 5:39
Please read the later entries in kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem. The policy re. Dolphin is set to change back to being more permissive. I can't say when.
– DK Bose
Jun 7 '18 at 5:42
|
show 6 more comments
When I try to execute the command kdesu dolphin or kdesudo dolphin nothing happens. I thought that this was the proper way to elevate graphical applications to temporary root privileges.
Am I doing something wrong? How can I elevate graphical application to super user level permissions?
sarah@ConvergentRefuge:~$ kdesu dolphin
kdesu: command not found
sarah@ConvergentRefuge:~$ kdesudo dolphin
kdesudo: command not found
permissions kubuntu 18.04
asked Jun 7 '18 at 4:54
Sarah SzaboSarah Szabo
401921
When I try to execute the command kdesu dolphin or kdesudo dolphin nothing happens. I thought that this was the proper way to elevate graphical applications to temporary root privileges.
Am I doing something wrong? How can I elevate graphical application to super user level permissions?
sarah@ConvergentRefuge:~$ kdesu dolphin
kdesu: command not found
sarah@ConvergentRefuge:~$ kdesudo dolphin
kdesudo: command not found
permissions kubuntu 18.04
permissions kubuntu 18.04
asked Jun 7 '18 at 4:54
Sarah SzaboSarah Szabo
401921
asked Jun 7 '18 at 4:54
Sarah SzaboSarah Szabo
401921
asked Jun 7 '18 at 4:54
Sarah SzaboSarah Szabo
401921
asked Jun 7 '18 at 4:54
Sarah SzaboSarah Szabo
401921
asked Jun 7 '18 at 4:54
Sarah SzaboSarah Szabo
401921
401921
I've noticed a curious thing about this. I'm running Kubuntu 18.04 and get the same results as you for kdesu and kdesudo, but if i type man kdesu i get the manual entry for kdesu as if it is installed. I wouldn't have expected a manual entry for a program that isn't available. kdesudo doesn't have a manual entry. I'll see what I can find out anyway.
– pHeLiOn
Jun 7 '18 at 5:20
Doessudo -H dolphinwork?
– pomsky
Jun 7 '18 at 5:25
I get Executing Dolphin as root is not possible. If specifically for Dolphin, I remembered that there is a Root option under Places - I'd hidden it already, but can right-click the Places section to 'Show All Entries'. Doesn't 'fix' kdesu but means you can run dolphin as root.
– pHeLiOn
Jun 7 '18 at 5:34
@pHeLiOn Fair point, I tried it with sudo, adn that didn't work, so I thought I would try it with kdesu. I've never tried that before.
– Sarah Szabo
Jun 7 '18 at 5:39
Please read the later entries in kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem. The policy re. Dolphin is set to change back to being more permissive. I can't say when.
– DK Bose
Jun 7 '18 at 5:42
|
show 6 more comments
I've noticed a curious thing about this. I'm running Kubuntu 18.04 and get the same results as you for kdesu and kdesudo, but if i type man kdesu i get the manual entry for kdesu as if it is installed. I wouldn't have expected a manual entry for a program that isn't available. kdesudo doesn't have a manual entry. I'll see what I can find out anyway.
– pHeLiOn
Jun 7 '18 at 5:20
Doessudo -H dolphinwork?
– pomsky
Jun 7 '18 at 5:25
I get Executing Dolphin as root is not possible. If specifically for Dolphin, I remembered that there is a Root option under Places - I'd hidden it already, but can right-click the Places section to 'Show All Entries'. Doesn't 'fix' kdesu but means you can run dolphin as root.
– pHeLiOn
Jun 7 '18 at 5:34
@pHeLiOn Fair point, I tried it with sudo, adn that didn't work, so I thought I would try it with kdesu. I've never tried that before.
– Sarah Szabo
Jun 7 '18 at 5:39
Please read the later entries in kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem. The policy re. Dolphin is set to change back to being more permissive. I can't say when.
– DK Bose
Jun 7 '18 at 5:42
I've noticed a curious thing about this. I'm running Kubuntu 18.04 and get the same results as you for kdesu and kdesudo, but if i type man kdesu i get the manual entry for kdesu as if it is installed. I wouldn't have expected a manual entry for a program that isn't available. kdesudo doesn't have a manual entry. I'll see what I can find out anyway.
– pHeLiOn
Jun 7 '18 at 5:20
I've noticed a curious thing about this. I'm running Kubuntu 18.04 and get the same results as you for kdesu and kdesudo, but if i type man kdesu i get the manual entry for kdesu as if it is installed. I wouldn't have expected a manual entry for a program that isn't available. kdesudo doesn't have a manual entry. I'll see what I can find out anyway.
– pHeLiOn
Jun 7 '18 at 5:20
Does
sudo -H dolphin work?– pomsky
Jun 7 '18 at 5:25
Does
sudo -H dolphin work?– pomsky
Jun 7 '18 at 5:25
I get Executing Dolphin as root is not possible. If specifically for Dolphin, I remembered that there is a Root option under Places - I'd hidden it already, but can right-click the Places section to 'Show All Entries'. Doesn't 'fix' kdesu but means you can run dolphin as root.
– pHeLiOn
Jun 7 '18 at 5:34
I get Executing Dolphin as root is not possible. If specifically for Dolphin, I remembered that there is a Root option under Places - I'd hidden it already, but can right-click the Places section to 'Show All Entries'. Doesn't 'fix' kdesu but means you can run dolphin as root.
– pHeLiOn
Jun 7 '18 at 5:34
@pHeLiOn Fair point, I tried it with sudo, adn that didn't work, so I thought I would try it with kdesu. I've never tried that before.
– Sarah Szabo
Jun 7 '18 at 5:39
@pHeLiOn Fair point, I tried it with sudo, adn that didn't work, so I thought I would try it with kdesu. I've never tried that before.
– Sarah Szabo
Jun 7 '18 at 5:39
Please read the later entries in kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem. The policy re. Dolphin is set to change back to being more permissive. I can't say when.
– DK Bose
Jun 7 '18 at 5:42
Please read the later entries in kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem. The policy re. Dolphin is set to change back to being more permissive. I can't say when.
– DK Bose
Jun 7 '18 at 5:42
|
show 6 more comments
3 Answers
3
active
oldest
votes
This is a very much more complex question than it first appeared to me to be :)
First of all, it is highly recommended not to use kdesu or kdesudo to run graphical applications as root or with administrative privelages.
Why is it not recommended?
The short answer is that it is considered a substantial security risk.
The security risk is being discussed at length (and disputed) in a number of different posts and bug reports.
@DK Bose kindly provided some links as a good starting point for anyone who wants a bit more detail: https://www.kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem
The above link led me to some other links which show a 'lively' discussion about it: https://bugs.kde.org/show_bug.cgi?id=152150 and also https://bugs.kde.org/show_bug.cgi?id=179678
which in turn led me to a blog post about the security problem that is being discussed:
https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/
Basically, to prevent users from exposing themselves to this security risk, running Kate or Dolphin as root has been disabled.
Kate now allows you to save system files etc. by asking you to enter your password when you require permission to save your file (via Polkit - i.e a system dialogue box appears requesting permission). This should mean it is not necessary to run Kate as root.
Dolphin will be doing the same in the near future but the change has not been implemented yet.
(On the sometimes heated discussions about this change, there were criticisms that disabling running Dolphin as root should not have been implemented until an alternative was in place. The counter argument was that the security risk was too great to allow it.)
In the meantime, there are other file managers such as PCManFM or Thunar which allow running as root (for those who understand the security implications but require the functionality).
I can't think of a lot of situations where it would be necessary to run a graphical user application as root outwith the 'editing system files' scenario. Kate can do this now without needing to be run as root.
Some of the use cases that sparked arguments against disabling running Dolphin as root, involved users wanting to create symlinks on their system files whilst using the GUI and also for penetration testing where, for example, Kali Linux runs the entire session as root.
The other reccurring argument was that if a user was aware of the security risk and wanted to run graphical applications as root anyway, then they should be allowed to do so.
kdesudo is not installed in Kubuntu 18.04 by default and is no longer in the Debian and Ubuntu repositories. It is not recommended to be used because it is unmaintained (and the general suggestion that you shouldn't be running graphical user interface programs with X as root).
kdesu is installed (as part of kde-cli-tools) but is not in your $PATH by default. You can access the binary from /usr/lib/x86_64-linux-gnu/libexec/kf5/kdesu (and create a symlink in your /usr/local/bin directory if you don't fancy typing that out each time you want to use it - https://www.kubuntuforums.net/showthread.php/73471-Kdesudo?highlight=kdesudo), but it is not recommended that you do so (due to the security implications) and will not work for Kate and Dolphin anyway.
answered Jun 7 '18 at 19:25
pHeLiOnpHeLiOn
780418
Read "outwith" after a long, long time :)
– DK Bose
Jun 8 '18 at 2:14
Maybe I'm missing something (and I lazily didn't read any of th elinks you mentioned, sorry :P) but if I'm being prompted for root credentials, what is insecure about it? Perhaps I have something configured improperly, but VMware Workstation I need to run as root in order to boot my VM's. That's why how I began looking into kdesu. Thanks for the info
– Adam Plocher
Aug 20 '18 at 2:40
Probably the best summary is "The problem with starting GUI applications as root is that X11 is extremely insecure and it’s considerable easy for another application to attack this." (from blog.martin-graesslin.com/blog/2017/02/editing-files-as-root). There's more detail in the post and further discussion in the comments, but if the application is using X11 (i.e any graphical application not running under Wayland) then running as root exposes a fairly significant attack vector. (Assuming you had malicious software sitting & waiting for a root X11 application to open on your system)
– pHeLiOn
Aug 21 '18 at 2:23
add a comment |
Use this commands as root:
apt install kde-runtime
ln -s /etc/alternatives/kdesu /usr/bin/kdesu
answered Nov 2 '18 at 21:05
Luděk SladkýLuděk Sladký
1
add a comment |
This worked for me on Kububuntu 19.04:
apt install libkdesu5
ln -s /usr/lib/x86_64-linux-gnu/libexec/kf5/kdesu /usr/lib/kde4/libexec/
edited 2 days ago
cmak.fr
2,1341021
answered 2 days ago
woko1754woko1754
11
New contributor
woko1754 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1044354%2fkdesu-not-working%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
This is a very much more complex question than it first appeared to me to be :)
First of all, it is highly recommended not to use kdesu or kdesudo to run graphical applications as root or with administrative privelages.
Why is it not recommended?
The short answer is that it is considered a substantial security risk.
The security risk is being discussed at length (and disputed) in a number of different posts and bug reports.
@DK Bose kindly provided some links as a good starting point for anyone who wants a bit more detail: https://www.kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem
The above link led me to some other links which show a 'lively' discussion about it: https://bugs.kde.org/show_bug.cgi?id=152150 and also https://bugs.kde.org/show_bug.cgi?id=179678
which in turn led me to a blog post about the security problem that is being discussed:
https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/
Basically, to prevent users from exposing themselves to this security risk, running Kate or Dolphin as root has been disabled.
Kate now allows you to save system files etc. by asking you to enter your password when you require permission to save your file (via Polkit - i.e a system dialogue box appears requesting permission). This should mean it is not necessary to run Kate as root.
Dolphin will be doing the same in the near future but the change has not been implemented yet.
(On the sometimes heated discussions about this change, there were criticisms that disabling running Dolphin as root should not have been implemented until an alternative was in place. The counter argument was that the security risk was too great to allow it.)
In the meantime, there are other file managers such as PCManFM or Thunar which allow running as root (for those who understand the security implications but require the functionality).
I can't think of a lot of situations where it would be necessary to run a graphical user application as root outwith the 'editing system files' scenario. Kate can do this now without needing to be run as root.
Some of the use cases that sparked arguments against disabling running Dolphin as root, involved users wanting to create symlinks on their system files whilst using the GUI and also for penetration testing where, for example, Kali Linux runs the entire session as root.
The other reccurring argument was that if a user was aware of the security risk and wanted to run graphical applications as root anyway, then they should be allowed to do so.
kdesudo is not installed in Kubuntu 18.04 by default and is no longer in the Debian and Ubuntu repositories. It is not recommended to be used because it is unmaintained (and the general suggestion that you shouldn't be running graphical user interface programs with X as root).
kdesu is installed (as part of kde-cli-tools) but is not in your $PATH by default. You can access the binary from /usr/lib/x86_64-linux-gnu/libexec/kf5/kdesu (and create a symlink in your /usr/local/bin directory if you don't fancy typing that out each time you want to use it - https://www.kubuntuforums.net/showthread.php/73471-Kdesudo?highlight=kdesudo), but it is not recommended that you do so (due to the security implications) and will not work for Kate and Dolphin anyway.
answered Jun 7 '18 at 19:25
pHeLiOnpHeLiOn
780418
Read "outwith" after a long, long time :)
– DK Bose
Jun 8 '18 at 2:14
Maybe I'm missing something (and I lazily didn't read any of th elinks you mentioned, sorry :P) but if I'm being prompted for root credentials, what is insecure about it? Perhaps I have something configured improperly, but VMware Workstation I need to run as root in order to boot my VM's. That's why how I began looking into kdesu. Thanks for the info
– Adam Plocher
Aug 20 '18 at 2:40
Probably the best summary is "The problem with starting GUI applications as root is that X11 is extremely insecure and it’s considerable easy for another application to attack this." (from blog.martin-graesslin.com/blog/2017/02/editing-files-as-root). There's more detail in the post and further discussion in the comments, but if the application is using X11 (i.e any graphical application not running under Wayland) then running as root exposes a fairly significant attack vector. (Assuming you had malicious software sitting & waiting for a root X11 application to open on your system)
– pHeLiOn
Aug 21 '18 at 2:23
add a comment |
This is a very much more complex question than it first appeared to me to be :)
First of all, it is highly recommended not to use kdesu or kdesudo to run graphical applications as root or with administrative privelages.
Why is it not recommended?
The short answer is that it is considered a substantial security risk.
The security risk is being discussed at length (and disputed) in a number of different posts and bug reports.
@DK Bose kindly provided some links as a good starting point for anyone who wants a bit more detail: https://www.kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem
The above link led me to some other links which show a 'lively' discussion about it: https://bugs.kde.org/show_bug.cgi?id=152150 and also https://bugs.kde.org/show_bug.cgi?id=179678
which in turn led me to a blog post about the security problem that is being discussed:
https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/
Basically, to prevent users from exposing themselves to this security risk, running Kate or Dolphin as root has been disabled.
Kate now allows you to save system files etc. by asking you to enter your password when you require permission to save your file (via Polkit - i.e a system dialogue box appears requesting permission). This should mean it is not necessary to run Kate as root.
Dolphin will be doing the same in the near future but the change has not been implemented yet.
(On the sometimes heated discussions about this change, there were criticisms that disabling running Dolphin as root should not have been implemented until an alternative was in place. The counter argument was that the security risk was too great to allow it.)
In the meantime, there are other file managers such as PCManFM or Thunar which allow running as root (for those who understand the security implications but require the functionality).
I can't think of a lot of situations where it would be necessary to run a graphical user application as root outwith the 'editing system files' scenario. Kate can do this now without needing to be run as root.
Some of the use cases that sparked arguments against disabling running Dolphin as root, involved users wanting to create symlinks on their system files whilst using the GUI and also for penetration testing where, for example, Kali Linux runs the entire session as root.
The other reccurring argument was that if a user was aware of the security risk and wanted to run graphical applications as root anyway, then they should be allowed to do so.
kdesudo is not installed in Kubuntu 18.04 by default and is no longer in the Debian and Ubuntu repositories. It is not recommended to be used because it is unmaintained (and the general suggestion that you shouldn't be running graphical user interface programs with X as root).
kdesu is installed (as part of kde-cli-tools) but is not in your $PATH by default. You can access the binary from /usr/lib/x86_64-linux-gnu/libexec/kf5/kdesu (and create a symlink in your /usr/local/bin directory if you don't fancy typing that out each time you want to use it - https://www.kubuntuforums.net/showthread.php/73471-Kdesudo?highlight=kdesudo), but it is not recommended that you do so (due to the security implications) and will not work for Kate and Dolphin anyway.
answered Jun 7 '18 at 19:25
pHeLiOnpHeLiOn
780418
Read "outwith" after a long, long time :)
– DK Bose
Jun 8 '18 at 2:14
Maybe I'm missing something (and I lazily didn't read any of th elinks you mentioned, sorry :P) but if I'm being prompted for root credentials, what is insecure about it? Perhaps I have something configured improperly, but VMware Workstation I need to run as root in order to boot my VM's. That's why how I began looking into kdesu. Thanks for the info
– Adam Plocher
Aug 20 '18 at 2:40
Probably the best summary is "The problem with starting GUI applications as root is that X11 is extremely insecure and it’s considerable easy for another application to attack this." (from blog.martin-graesslin.com/blog/2017/02/editing-files-as-root). There's more detail in the post and further discussion in the comments, but if the application is using X11 (i.e any graphical application not running under Wayland) then running as root exposes a fairly significant attack vector. (Assuming you had malicious software sitting & waiting for a root X11 application to open on your system)
– pHeLiOn
Aug 21 '18 at 2:23
add a comment |
This is a very much more complex question than it first appeared to me to be :)
First of all, it is highly recommended not to use kdesu or kdesudo to run graphical applications as root or with administrative privelages.
Why is it not recommended?
The short answer is that it is considered a substantial security risk.
The security risk is being discussed at length (and disputed) in a number of different posts and bug reports.
@DK Bose kindly provided some links as a good starting point for anyone who wants a bit more detail: https://www.kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem
The above link led me to some other links which show a 'lively' discussion about it: https://bugs.kde.org/show_bug.cgi?id=152150 and also https://bugs.kde.org/show_bug.cgi?id=179678
which in turn led me to a blog post about the security problem that is being discussed:
https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/
Basically, to prevent users from exposing themselves to this security risk, running Kate or Dolphin as root has been disabled.
Kate now allows you to save system files etc. by asking you to enter your password when you require permission to save your file (via Polkit - i.e a system dialogue box appears requesting permission). This should mean it is not necessary to run Kate as root.
Dolphin will be doing the same in the near future but the change has not been implemented yet.
(On the sometimes heated discussions about this change, there were criticisms that disabling running Dolphin as root should not have been implemented until an alternative was in place. The counter argument was that the security risk was too great to allow it.)
In the meantime, there are other file managers such as PCManFM or Thunar which allow running as root (for those who understand the security implications but require the functionality).
I can't think of a lot of situations where it would be necessary to run a graphical user application as root outwith the 'editing system files' scenario. Kate can do this now without needing to be run as root.
Some of the use cases that sparked arguments against disabling running Dolphin as root, involved users wanting to create symlinks on their system files whilst using the GUI and also for penetration testing where, for example, Kali Linux runs the entire session as root.
The other reccurring argument was that if a user was aware of the security risk and wanted to run graphical applications as root anyway, then they should be allowed to do so.
kdesudo is not installed in Kubuntu 18.04 by default and is no longer in the Debian and Ubuntu repositories. It is not recommended to be used because it is unmaintained (and the general suggestion that you shouldn't be running graphical user interface programs with X as root).
kdesu is installed (as part of kde-cli-tools) but is not in your $PATH by default. You can access the binary from /usr/lib/x86_64-linux-gnu/libexec/kf5/kdesu (and create a symlink in your /usr/local/bin directory if you don't fancy typing that out each time you want to use it - https://www.kubuntuforums.net/showthread.php/73471-Kdesudo?highlight=kdesudo), but it is not recommended that you do so (due to the security implications) and will not work for Kate and Dolphin anyway.
answered Jun 7 '18 at 19:25
pHeLiOnpHeLiOn
780418
This is a very much more complex question than it first appeared to me to be :)
First of all, it is highly recommended not to use kdesu or kdesudo to run graphical applications as root or with administrative privelages.
Why is it not recommended?
The short answer is that it is considered a substantial security risk.
The security risk is being discussed at length (and disputed) in a number of different posts and bug reports.
@DK Bose kindly provided some links as a good starting point for anyone who wants a bit more detail: https://www.kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem
The above link led me to some other links which show a 'lively' discussion about it: https://bugs.kde.org/show_bug.cgi?id=152150 and also https://bugs.kde.org/show_bug.cgi?id=179678
which in turn led me to a blog post about the security problem that is being discussed:
https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/
Basically, to prevent users from exposing themselves to this security risk, running Kate or Dolphin as root has been disabled.
Kate now allows you to save system files etc. by asking you to enter your password when you require permission to save your file (via Polkit - i.e a system dialogue box appears requesting permission). This should mean it is not necessary to run Kate as root.
Dolphin will be doing the same in the near future but the change has not been implemented yet.
(On the sometimes heated discussions about this change, there were criticisms that disabling running Dolphin as root should not have been implemented until an alternative was in place. The counter argument was that the security risk was too great to allow it.)
In the meantime, there are other file managers such as PCManFM or Thunar which allow running as root (for those who understand the security implications but require the functionality).
I can't think of a lot of situations where it would be necessary to run a graphical user application as root outwith the 'editing system files' scenario. Kate can do this now without needing to be run as root.
Some of the use cases that sparked arguments against disabling running Dolphin as root, involved users wanting to create symlinks on their system files whilst using the GUI and also for penetration testing where, for example, Kali Linux runs the entire session as root.
The other reccurring argument was that if a user was aware of the security risk and wanted to run graphical applications as root anyway, then they should be allowed to do so.
kdesudo is not installed in Kubuntu 18.04 by default and is no longer in the Debian and Ubuntu repositories. It is not recommended to be used because it is unmaintained (and the general suggestion that you shouldn't be running graphical user interface programs with X as root).
kdesu is installed (as part of kde-cli-tools) but is not in your $PATH by default. You can access the binary from /usr/lib/x86_64-linux-gnu/libexec/kf5/kdesu (and create a symlink in your /usr/local/bin directory if you don't fancy typing that out each time you want to use it - https://www.kubuntuforums.net/showthread.php/73471-Kdesudo?highlight=kdesudo), but it is not recommended that you do so (due to the security implications) and will not work for Kate and Dolphin anyway.
answered Jun 7 '18 at 19:25
pHeLiOnpHeLiOn
780418
edited Jun 11 '18 at 1:30
answered Jun 7 '18 at 19:25
pHeLiOnpHeLiOn
780418
answered Jun 7 '18 at 19:25
pHeLiOnpHeLiOn
780418
answered Jun 7 '18 at 19:25
pHeLiOnpHeLiOn
780418
780418
Read "outwith" after a long, long time :)
– DK Bose
Jun 8 '18 at 2:14
Maybe I'm missing something (and I lazily didn't read any of th elinks you mentioned, sorry :P) but if I'm being prompted for root credentials, what is insecure about it? Perhaps I have something configured improperly, but VMware Workstation I need to run as root in order to boot my VM's. That's why how I began looking into kdesu. Thanks for the info
– Adam Plocher
Aug 20 '18 at 2:40
Probably the best summary is "The problem with starting GUI applications as root is that X11 is extremely insecure and it’s considerable easy for another application to attack this." (from blog.martin-graesslin.com/blog/2017/02/editing-files-as-root). There's more detail in the post and further discussion in the comments, but if the application is using X11 (i.e any graphical application not running under Wayland) then running as root exposes a fairly significant attack vector. (Assuming you had malicious software sitting & waiting for a root X11 application to open on your system)
– pHeLiOn
Aug 21 '18 at 2:23
add a comment |
Read "outwith" after a long, long time :)
– DK Bose
Jun 8 '18 at 2:14
Maybe I'm missing something (and I lazily didn't read any of th elinks you mentioned, sorry :P) but if I'm being prompted for root credentials, what is insecure about it? Perhaps I have something configured improperly, but VMware Workstation I need to run as root in order to boot my VM's. That's why how I began looking into kdesu. Thanks for the info
– Adam Plocher
Aug 20 '18 at 2:40
Probably the best summary is "The problem with starting GUI applications as root is that X11 is extremely insecure and it’s considerable easy for another application to attack this." (from blog.martin-graesslin.com/blog/2017/02/editing-files-as-root). There's more detail in the post and further discussion in the comments, but if the application is using X11 (i.e any graphical application not running under Wayland) then running as root exposes a fairly significant attack vector. (Assuming you had malicious software sitting & waiting for a root X11 application to open on your system)
– pHeLiOn
Aug 21 '18 at 2:23
Read "outwith" after a long, long time :)
– DK Bose
Jun 8 '18 at 2:14
Read "outwith" after a long, long time :)
– DK Bose
Jun 8 '18 at 2:14
Maybe I'm missing something (and I lazily didn't read any of th elinks you mentioned, sorry :P) but if I'm being prompted for root credentials, what is insecure about it? Perhaps I have something configured improperly, but VMware Workstation I need to run as root in order to boot my VM's. That's why how I began looking into kdesu. Thanks for the info
– Adam Plocher
Aug 20 '18 at 2:40
Maybe I'm missing something (and I lazily didn't read any of th elinks you mentioned, sorry :P) but if I'm being prompted for root credentials, what is insecure about it? Perhaps I have something configured improperly, but VMware Workstation I need to run as root in order to boot my VM's. That's why how I began looking into kdesu. Thanks for the info
– Adam Plocher
Aug 20 '18 at 2:40
Probably the best summary is "The problem with starting GUI applications as root is that X11 is extremely insecure and it’s considerable easy for another application to attack this." (from blog.martin-graesslin.com/blog/2017/02/editing-files-as-root). There's more detail in the post and further discussion in the comments, but if the application is using X11 (i.e any graphical application not running under Wayland) then running as root exposes a fairly significant attack vector. (Assuming you had malicious software sitting & waiting for a root X11 application to open on your system)
– pHeLiOn
Aug 21 '18 at 2:23
Probably the best summary is "The problem with starting GUI applications as root is that X11 is extremely insecure and it’s considerable easy for another application to attack this." (from blog.martin-graesslin.com/blog/2017/02/editing-files-as-root). There's more detail in the post and further discussion in the comments, but if the application is using X11 (i.e any graphical application not running under Wayland) then running as root exposes a fairly significant attack vector. (Assuming you had malicious software sitting & waiting for a root X11 application to open on your system)
– pHeLiOn
Aug 21 '18 at 2:23
add a comment |
Use this commands as root:
apt install kde-runtime
ln -s /etc/alternatives/kdesu /usr/bin/kdesu
answered Nov 2 '18 at 21:05
Luděk SladkýLuděk Sladký
1
add a comment |
Use this commands as root:
apt install kde-runtime
ln -s /etc/alternatives/kdesu /usr/bin/kdesu
answered Nov 2 '18 at 21:05
Luděk SladkýLuděk Sladký
1
add a comment |
Use this commands as root:
apt install kde-runtime
ln -s /etc/alternatives/kdesu /usr/bin/kdesu
answered Nov 2 '18 at 21:05
Luděk SladkýLuděk Sladký
1
Use this commands as root:
apt install kde-runtime
ln -s /etc/alternatives/kdesu /usr/bin/kdesu
answered Nov 2 '18 at 21:05
Luděk SladkýLuděk Sladký
1
answered Nov 2 '18 at 21:05
Luděk SladkýLuděk Sladký
1
answered Nov 2 '18 at 21:05
Luděk SladkýLuděk Sladký
1
answered Nov 2 '18 at 21:05
Luděk SladkýLuděk Sladký
1
1
add a comment |
add a comment |
This worked for me on Kububuntu 19.04:
apt install libkdesu5
ln -s /usr/lib/x86_64-linux-gnu/libexec/kf5/kdesu /usr/lib/kde4/libexec/
edited 2 days ago
cmak.fr
2,1341021
answered 2 days ago
woko1754woko1754
11
New contributor
woko1754 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
This worked for me on Kububuntu 19.04:
apt install libkdesu5
ln -s /usr/lib/x86_64-linux-gnu/libexec/kf5/kdesu /usr/lib/kde4/libexec/
edited 2 days ago
cmak.fr
2,1341021
answered 2 days ago
woko1754woko1754
11
New contributor
woko1754 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
This worked for me on Kububuntu 19.04:
apt install libkdesu5
ln -s /usr/lib/x86_64-linux-gnu/libexec/kf5/kdesu /usr/lib/kde4/libexec/
edited 2 days ago
cmak.fr
2,1341021
answered 2 days ago
woko1754woko1754
11
New contributor
woko1754 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
This worked for me on Kububuntu 19.04:
apt install libkdesu5
ln -s /usr/lib/x86_64-linux-gnu/libexec/kf5/kdesu /usr/lib/kde4/libexec/
edited 2 days ago
cmak.fr
2,1341021
answered 2 days ago
woko1754woko1754
11
New contributor
woko1754 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 2 days ago
cmak.fr
2,1341021
edited 2 days ago
cmak.fr
2,1341021
edited 2 days ago
cmak.fr
2,1341021
2,1341021
answered 2 days ago
woko1754woko1754
11
New contributor
woko1754 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 2 days ago
woko1754woko1754
11
answered 2 days ago
woko1754woko1754
11
11
New contributor
woko1754 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
woko1754 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
woko1754 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1044354%2fkdesu-not-working%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
I've noticed a curious thing about this. I'm running Kubuntu 18.04 and get the same results as you for kdesu and kdesudo, but if i type man kdesu i get the manual entry for kdesu as if it is installed. I wouldn't have expected a manual entry for a program that isn't available. kdesudo doesn't have a manual entry. I'll see what I can find out anyway.
– pHeLiOn
Jun 7 '18 at 5:20
Does
sudo -H dolphinwork?– pomsky
Jun 7 '18 at 5:25
I get Executing Dolphin as root is not possible. If specifically for Dolphin, I remembered that there is a Root option under Places - I'd hidden it already, but can right-click the Places section to 'Show All Entries'. Doesn't 'fix' kdesu but means you can run dolphin as root.
– pHeLiOn
Jun 7 '18 at 5:34
@pHeLiOn Fair point, I tried it with sudo, adn that didn't work, so I thought I would try it with kdesu. I've never tried that before.
– Sarah Szabo
Jun 7 '18 at 5:39
Please read the later entries in kubuntuforums.net/showthread.php/71347-KDE-file-manager-problem. The policy re. Dolphin is set to change back to being more permissive. I can't say when.
– DK Bose
Jun 7 '18 at 5:42