0

Hi Braintrust,

Recently, my distro updated my KDE installation only to find that I can't launch
some apps whilst logged in as root user, i.e. Kwrite and Dolphin and who knows
what else!

Apparently this has been implemented as a 'security' feature.

Please, please, please can you make available two versions, one with the
security feature enabled and the other without the root user limitation.

Thank you on behalf of the silent majority.

Kate (so presumably kwrite too) has been updated so that you can edit root files. You don't need to "sudo", just edit your file and you will get a password prompt upon save. It's being worked on so Dolphin will work in a similar fashion.

Give midnight commander a try for root file editing. It is a great program.

Thanks for reply Clancularius,

Apparently the problem goes deeper.

The developers of KDE have 'hard-coded' these applications to
exit if the user has a user ID of 0 which is the root user.

Their are work arounds that involve patches and rebuilding
the app from source code but it's not a long term solution.

I don't see why distro builders or users can't choose between
the 'secure' code and another without limitations.

Wayland does not support opening graphical applications, so as distributions switch to it, the long term solution will be opening graphical applications as root will be a thing of history unless you pointedly find a distribution which allows this.


Good post showing how the new system in Dolphin works in practice: viewtopic.php?f=224&t=141836&hilit=dolphin#p385230

Having seen people complaining that they can no longer run some of these apps when they are already logged in as root, it would seem to me that as much as the apps might wish to utterly prevent this for security reasons, if the current desktop session is root then everything you run will and should be run as root.
I see this usage as a separate use case from a user using su or sudo in a terminal to kick things off as root. I see that use case covered by the changes to have apps running as the current user ask for permission to edit root-only things.

Now some will of course bring up all of the reasons why you should never log in to a GUI desktop session as root as well as all of the workarounds to doing everything they need to do from a non-root desktop session. I would expect some to insist that they are fine with taking down all of the guardrails and running a root desktop session (presumably you should be able to configure sudo and/or polkit and/or chmod to let a given normal user do everything they will need to do, but that takes time/effort/expertise that many of these people aren't willing to put into a problem they didn't have when they could just log in as root).
(of course if Wayland disallows running the whole session as root, then this all becomes moot and you'll just need to plan to tell polkit to let you do everything you need to do)