No it's not a bug in plasma 5, developers of various distribution changing program source code, compiled program and prevent the program will start as root. Find the Iternet older version of the program, install and lock update. Explanation written by Elvis Angelaccio consider rude, Elvis would like to abolish the GUI.

This is terrible news.

I used to complain about the Gnome devs treating users as being stupid, but now this has leaked into KDE.

Just now I write this on my laptop where I run KDE Plasma.

I broke ncurses so nano does not work, so I need an editor.

I was thinking "hey, I can use kate". Ok installing kate worked.

Then I try to open it and kate REFUSES to obey, boring me with an
extremely irrelevant message aka 

"Executing Kate as root is not possible. To edit files as root use:
SUDO_EDITOR=kate sudoedit <file>"

Now this is interesting.

Firstly, I have to say that I tried the above AND IT DOES NOT WORK,
so great job by those KDE devs who changed behaviour and did not
provide a work around.

Yes, I know a "work around" - I can change permission as superuser
anyway, edit it with kate, then change the permission again. I can
also use other editors too. I have tons of workaround BUT THE ISSUE
IS THAT SOME RANDOM KDE DEV SIMPLY CRIPPLED KATE HERE.

So firstly, please fire that dude. Second, please stop dumbing down
KDE everywhere. There is absolutely nothing wrong with the superuser
account. I am aware that you transitioned into a "we work for average
joe - and for red hat" but you used to be cool in the past, so what
happened with KDE?

There is some propaganda here:

https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/

None of this applies or is relevant but the problem is that some random
dude dictated onto everyone else. BAD decision.

This Martin dude does not run software on MY machine. Why can he decide
how I should run it?

I can probably find the faulty code and remove it but that means I have
to invest time... which Martin doesn't pay me for.

I have to find out if he works for Red Hat, then this explains why he
crippled kate. It's not a big deal anyway since other editors will work
fine or I can find thousand other ways to modify text files, including
via scripts - but seriously KDE people, what happened to you? Did
Microsoft buy you in? KDE Plasma looks like a Win10 clone.

You used to be cool.

At first, keep calm... There is no need to talk this way because it will not change anything.

(In reply to shevegen from comment #20)
> Then I try to open it and kate REFUSES to obey, boring me with an
> extremely irrelevant message aka 
> 
> "Executing Kate as root is not possible. To edit files as root use:
> SUDO_EDITOR=kate sudoedit <file>"

It's true. This message is of no use anymore. Just start kate, edit you files. It will ask for the Password by itself if you try to save. No sudo/kdesu/gksu required. But Frameworks 5.34 or newer (I think it was)
> 
> Now this is interesting.
> 
> Firstly, I have to say that I tried the above AND IT DOES NOT WORK,
> so great job by those KDE devs who changed behaviour and did not
> provide a work around.
It was a working workaround and it was there for a good reason.

> 
> Yes, I know a "work around" - I can change permission as superuser
> anyway, edit it with kate, then change the permission again. I can
> also use other editors too. I have tons of workaround BUT THE ISSUE
> IS THAT SOME RANDOM KDE DEV SIMPLY CRIPPLED KATE HERE.
You can also just start kate, edit you files. It will ask for the Password by itself if you try to save.

> 
> So firstly, please fire that dude. Second, please stop dumbing down
> KDE everywhere. There is absolutely nothing wrong with the superuser
> account.
Everythings wrong with the sudo "account" but even if not. Sudo(and alike) will NOT work on wayland. So There was, even for the "I dont care about security"-party, a reason that this change was made.

> I am aware that you transitioned into a "we work for average
> joe - and for red hat" but you used to be cool in the past, so what
> happened with KDE?

KDE is still independent, but they need to work on real-world applications, so in order to make software compatible to future beheviors (like that No-sudo-on-wayland stuff), users need to learn it too...

> 
> There is some propaganda here:
> 
> https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/
And just a few comments above is the solution... Just dont use sudo anymore for kate.
http://blog.chinmoyrp.com/ we have polkit integration now.

> 
> None of this applies or is relevant but the problem is that some random
> dude dictated onto everyone else. BAD decision.
> 
> This Martin dude does not run software on MY machine. Why can he decide
> how I should run it?
Because opensource is no democracy. It's made by people for themself. Of course you can ask for new features and many devs are nice persons who respect other needs (just like Martin with this change).
> 
> I can probably find the faulty code and remove it but that means I have
> to invest time... which Martin doesn't pay me for.
or you just invest time and read the full bugreport, so that you know that polkit is now used and kate will ask for you password if you want to save a root owned file. :D (in case you have a new-enough framework5 release)

> 
> I have to find out if he works for Red Hat
If nothing has changed, he works for BlueSystems - a 100% KDE supporter
https://en.wikipedia.org/wiki/Blue_Systems
And there is nothing wrong with working for RedHat. (except for the KDE Plasma respin of fedora, that one really sucks :P *hides*) People at Red Hat are just normal guys who do some work and share it with everyone for free and thats something so damn good, I hope they will keep this path forever.

>, then this explains why he
> crippled kate. 
It's because of security reasons... BTW not only in kate, but also dolphin. And i Hope all the others will follow.

> It's not a big deal anyway since other editors will work
> fine or I can find thousand other ways to modify text files, including
> via scripts - but seriously KDE people, what happened to you?
They dont try to stand still and implement new features that are required for the future.
> Did Microsoft buy you in? KDE Plasma looks like a Win10 clone.
Or is it Windows 10 that looks like KDE Plasma ;)?
> 
> You used to be cool.

In many ways I'm an "average Joe", although the REAL Joe doesn't use Linux distributions (they're still too quirky and buggy and too many things need to be done manually for things to work, I've had over 10 years to arrive at this conclusion, and it's not likely to change). But I'm a user who likes to tweak things and likes the freedom open source software gives, without the need to master advanced commands and coding. I think KDE/Plasma 5 is GREAT software, offering most of the features of a Windows 10 or MacOS without the bloat, the privacy issues, but with wonderful custamizability instead. But I agree with the frustration of Shevegen. Dumbing down is the domain of Gnome. People who turn to KDE want the full suite of options and the full freedom. Forget the Average Joe - he's lost (maybe forever). Cater to people who are into technology, into tweaking, without the need to code or master the terminal. Don't take away options, don't confuse. Sorry for the rant, but I just needed to share my two cents.

(In reply to Nate Graham from comment #25)
> Nobody is dumbing anything down. 
Yes you are.  I know when I am in root I know the dangers.  I don't need you killing applications to make me safe.  Did you all forget the meaning of "root" in Linux?  Actually you are screwing with access to something out of your control.  Root is a system function not a desktop function.

> Basic security involves running with the
> lowest permissions possible. That's why you selectively use sudo when you
> need to edit something as root, rather than using into the root account 100%
> of the time. This is simply a further extension of the principle: run with
> normal permissions until the software requests an action demanding elevated
> permissions, and only then do we ask for those permissions.

Actually there are Use Cases that a user must run under root 100% such as Pen Testing.  When pen testing you need full access to your OS.  OK you say use sudo yet "sudo kate" doesn't work.  Yet when in root Gedit, nano, LeafPad Vi and Emacs all run under root so explain how have you so called "protected" file access??


> 
> If some part of the new system doesn't work properly, that's a bug, and we
> should--and will--fix it. 

Well it broken SO fix it!

> But note that this particular bug report concerns
> KIO, not Kate. Anyone who's having an issue with Kate should file a new bug
> against the Kate product. And FWIW, Kate's PolKit support has been working
> just fine for me. You can open a root-owned file and then only when you save
> it are you prompted for credentials. Works like a charm, no "dumbing down"
> involved.

Well it seems that you all screwing with KIO broke kate so why report it to the kate team?  BTW what you said about opening a root owned file is wrong.  Kate will not open AT ALL under root.  you said I can see the file how?? Kate won't even open.  It doesn't "work like a charm" it doesn't work AT ALL.

Bo, you're not really arguing against a decision made here, but rather against the whole direction that our industry is going in. As has been mentioned, Wayland disallows running GUI apps as root. As a penetration tester, this may make your life more difficult, but you're not the user that the Wayland folks are targeting. They are trying to make computers more secure for ordinary users (who have difficulty with the concepts we're discussing), not more convenient for security researchers. I would recommend you take your case to the Wayland folks, though I doubt you'll get very far because this is an architectural design decision that doesn't really seem open for debate.

Instead, you're in the same boat we are: given that currently (or in the near future), we won't be able to open GUI apps as root, how can we avoid losing existing functionality? So far the answer seems to be PolKit adoption, which lets you open apps using normal user permissions and only request elevated permissions when necessary. Again this isn't really our decision; the world evolves and we need to evolve along with it or else our software will stop working.

> Well it seems that you all screwing with KIO broke kate so why report it to the
> kate team?  BTW what you said about opening a root owned file is wrong.  Kate
> will not open AT ALL under root.  you said I can see the file how?? Kate won't
> even open.  It doesn't "work like a charm" it doesn't work AT ALL.

You don't open Kate as root anymore. You open it with normal permissions and edit your root-owned file, either by opening it with the File > Open dialog, or via `kate /path/to/root/owned/file.txt`. When you save, you should get prompted for credentials to complete the save operation.

Both of those use cases work for me with KDE Frameworks 5.40 and Kate 17.12, and they have worked for quite a while. If either of those use cases do not work for you, please let us know.

(In reply to Bo Weaver from comment #41)
> (In reply to Nate Graham from comment #39)
> > Thanks for working with me and digging deep here. In the end, this was all
> > just a big misunderstanding, not some kind of conspiracy. :) 
> > 
> > Bugs for Dolphin and Kate:
> > - https://bugs.kde.org/show_bug.cgi?id=387974
> > - https://bugs.kde.org/show_bug.cgi?id=387973
> > 
> > Are there any other apps that gained PolKit support but stopped launching
> > when you're logged in as the root user?

I don't know if you saw my last email but after the last round of updates now Konqueror fails to work when logged in under root.  Question is Krusader next to stop working???  Everything I have tested using a normal account and modifying files or changing configurations the KIO and policy-kit are working fine.  You get a proper password box before the file is saved.  When logged in under the root account more is dying we are going in the wrong direction.  Again killing access to Kate and other tools accomplishes nothing since other applications that preform the same task work fine and will continue to work since they are not your tools and you can't modify their code.  Kate may not work but Leafpad, Nano, Vi, and Emacs just to name a few work fine.

Wayland was blamed for part of this and I was told Wayland is planning on killing GUI logins under the root account.  I could find anything on this in the Wayland forums.

You said this is not some kind of conspiracy but killing Konqueror in the last round of updates does make it appear that something is going on that isn't right.

I sill haven't gotten an answer to why Gmone, MATE, and other DEs aren't following this path it is only KDE killing root.  Why?  Especially when the biggest disto that uses you desktop by default fixes your builtin bug.

If I am talking to the wind here please just tell me to just f_ck off and die and this 20 year user of your desktop will sadly change to MATE.  I need to know something this killing applications without reason is screwing with the me making a living.  Its no fun to sit down ready to work and find out that the tools you used yesterday no longer work because you updated the system.  This is especially maddening when you work in security and you know for a fact this all fixes nothing and secures nothing within the DE or the OS.  It just makes the DE useless for some use cases.

> 
> I just tried some more applications.  All "custom" applications for Kali
> appear to be working fine.  The PIM interface did load.  I don't use it
> under root so it wasn't fully configured but did properly go into the set
> up.  The only applications I have found that don't work is Dolphin, Kate and
> Kwrite.  From the command line these all fail with the can't run under root
> error.  From the desktop when the icon is clicked they just fail no errors. 
> This is only happening when logged in the desktop as root.  When I am in a
> normal user account Kate runs and when saving a system file I get a proper
> password prompt.  This also happens when copying a file to a system
> directory.
> 
> Please don't get me wrong guys this is the "right way" for normal users the
> root account locked out and a password protected way to change files from a
> user account.
> 
> I just really miss Kate for me it is the finest text editor ever made.
> 
> Thanks for your all's help getting this fixed up

Is this going to be fixed soon?  At one time I did find a configuration file the the line "if uid=0 fail"  I didn't write down the location or file name and now I can't find it I am wondering if I jack up the uid number will uid 0 stop failing.

Just PLEASE!!! tell a way I can fix it back

BTW as someone that hacks systems of a living even when running under a normal account you have a lot of kworker process running as root if a Kate or Dolphin process running as root can be hijacked then the kworker process is also most likely vulnerable.  Again breaking kate and dolphin has secured nothing.

Again you have only created a problem not fixed one.

Again by design root is to have full access to everything.  Root is NOT a restricted account.  This is a UNIX/Linux thing not a desktop thing.

(In reply to Bo Weaver from comment #45)
> Is this going to be fixed soon?  At one time I did find a configuration file
> the the line "if uid=0 fail"  I didn't write down the location or file name
> and now I can't find it I am wondering if I jack up the uid number will uid
> 0 stop failing.
> 
> Just PLEASE!!! tell a way I can fix it back
> 
> BTW as someone that hacks systems of a living even when running under a
> normal account you have a lot of kworker process running as root if a Kate
> or Dolphin process running as root can be hijacked then the kworker process
> is also most likely vulnerable.  Again breaking kate and dolphin has secured
> nothing.
> 
> Again you have only created a problem not fixed one.
> 
> Again by design root is to have full access to everything.  Root is NOT a
> restricted account.  This is a UNIX/Linux thing not a desktop thing.

I read this infinite story in which some people assure us that we are all blind and brainless. All other file managers work in root mode only Dolphin can and should not. Hey, to make me blind and crazy and others who use and make such file managers. I think that someone will not intentionally fix the program or write it out from the beginning, it's easier to change a couple of lines of code. It's a shame and great nonsense that in Kali KDE is used dolphin that does not work in root mode.

(In reply to Antonio Rojas from comment #51)
> (In reply to Bo Weaver from comment #50)
> > Created attachment 112015 [details]
> > Screen Shot
> > 
> > When using kate from the CL you get this in the error.
> > 
> > "Executing Kate as root is not possible. To edit files as root use:
> > SUDO_EDITOR=kate sudoedit <file>"
> > 
> > In many of the blogs it says to use this method.  The method doesn't work. 
> > Please see attached screen shot as evidence.
> 
> You are *still* trying to run it as root. You're supposed to do that as a
> regular user. But in any case, that is obsolete, with a recent enough
> ktexteditor you can edit root owned files by running kate as a regular user.

Dear Antonio Rojas

Clearly you didn't *read* my other posts.  You also didn't read my posts on the kate flaw thread either.  Of course I am *still* looged in as root.  There are use cases where you *must* be logged in as root to preform your work properly.  Pen Testing is one of these cases.  As a security researcher, pen tester, Assessor, and Security Analyst for almost 30 years.  I must ask "How do you test your code???"  Do you only use autmomated testing.  Clearly you do use the defacto industry standard disto (Kali) for pen testing to do manual testing of your code or you would understand the need for root access to applications.  If you are not manually testing your code with the manual tools used on a daily basis by hackers then this is a greater security risk than having Kate of Dolphin running as root.  This is an EPIC FAIL on your part.  Please remember Mr. Coder I do this for a living.  You have failed your assessment.  Your reply has just shown KDE developers are not properly manually auditing their code.

Let's talk about the attachment I sent in.  The error says use SUDO_EDITOR.  Well what if sudo is set up to be run with NO PASSWORD if an attacker gains access to the system under a normal user with sudo rights then this command can be ran and root access gained through the embeded Konsole without the use of a PASSWORD!  AWS systems the ubuntu account is set up in this manner.  So your work around is more dangerous than what you are attempting to fix.  So you have "fixed" nothing only broken the application from normal use.

I hate to repost but since you didn't read my reply on the other thread here it is again.

Here's a BIG technical reason for this to be changed back.

Root is a "system level" account not a user account under control of the OS and not the desktop.  Root is to have full access to every process and application.  This has been a UNIX standard since the 1970's.  KDE is NOT a system level process.  KDE is a desktop which runs in the Presentation and Application of the OSI model (You guys have heard of the 7 layers of the OSI model?)  The root account is part of the System layer of this model.  When developing and application the developer is not to screw with the system functions.  These embedded flaws do just that by breaking root access to these bineries. 

Here's a suggestion...  Why don't developers take some courses in Linux Systems Engineering and learn the rules and standards that the operating systems are built by?  Clearly you all are not engineers or this would not be a problem and I would not be writing all this.  Take time to learn the OSI model that operating systems are designed by. 

One reason I was told for this change was Wayland now runs in the user space.  Yes this is the case when logged in under a normal user account the compositor runs under that account.  When logged in under a root account this is not the case the compositor then runs under the root account just fine.  Download a copy of Kali the the Gnome DE and you'll see Wayland does run under root when you are root.  So this reason is flawed.

I have yet to get a reply on any of this from you all.

Again I am the guy you are attempting to "keep out" of your processes and again I will say this.  If I have hacked a box and have a normal users access I am not going to attempt to hack a running kate of dolphin process running under root because THIS PROCESS CAN BE KILLED AT ANYTIME BY THE PERSON RUNNING THE PROCESS!  I will attempt to hijack a running SYSTEM PROCESS not a user application.

And again I write this below.  sorry to keep repeating myself but you all don't seem to be listening.

People like myself that must be logged in as root for work understand the risk and are careful and parinod while in root.  They also understand the risk and if anything bad happens they assume the risk.  As people like myself only work under the root account to only do the work needed and then change to a normal user account for normal use.  I don't need you to hold my hand and keep me safe.

Also I don't need someone who is not a qualified pen tester trying to "educate" me in my job or my work flow.  Your a coder NOT a security person.  Please quit peeing in my pond and I will not pee in yours.

Yes I know I am being *rude* again well Mr. Rojas don't be rude and *read* what I have written and *don't* talk down to me like I am a noobie fool.

It is strange I keep getting noob replies on how to work but I have yet to get techinical responses to the techinical issues I have raised here.

(In reply to Bo Weaver from comment #53)
> (In reply to Antonio Rojas from comment #51)
> > (In reply to Bo Weaver from comment #50)
> > > Created attachment 112015 [details]
> > > Screen Shot
> > > 
> > > When using kate from the CL you get this in the error.
> > > 
> > > "Executing Kate as root is not possible. To edit files as root use:
> > > SUDO_EDITOR=kate sudoedit <file>"
> > > 
> > > In many of the blogs it says to use this method.  The method doesn't work. 
> > > Please see attached screen shot as evidence.
> > 
> > You are *still* trying to run it as root. You're supposed to do that as a
> > regular user. But in any case, that is obsolete, with a recent enough
> > ktexteditor you can edit root owned files by running kate as a regular user.
> 
> Dear Antonio Rojas
> 
> Clearly you didn't *read* my other posts.  You also didn't read my posts on
> the kate flaw thread either.  Of course I am *still* looged in as root. 
> There are use cases where you *must* be logged in as root to preform your
> work properly.  Pen Testing is one of these cases.  As a security
> researcher, pen tester, Assessor, and Security Analyst for almost 30 years. 
> I must ask "How do you test your code???"  Do you only use autmomated
> testing.  Clearly you do use the defacto industry standard disto (Kali) for
> pen testing to do manual testing of your code or you would understand the
> need for root access to applications.  If you are not manually testing your
> code with the manual tools used on a daily basis by hackers then this is a
> greater security risk than having Kate of Dolphin running as root.  This is
> an EPIC FAIL on your part.  Please remember Mr. Coder I do this for a
> living.  You have failed your assessment.  Your reply has just shown KDE
> developers are not properly manually auditing their code.
> 
> Let's talk about the attachment I sent in.  The error says use SUDO_EDITOR. 
> Well what if sudo is set up to be run with NO PASSWORD if an attacker gains
> access to the system under a normal user with sudo rights then this command
> can be ran and root access gained through the embeded Konsole without the
> use of a PASSWORD!  AWS systems the ubuntu account is set up in this manner.
> So your work around is more dangerous than what you are attempting to fix. 
> So you have "fixed" nothing only broken the application from normal use.
> 
> I hate to repost but since you didn't read my reply on the other thread here
> it is again.
> 
> Here's a BIG technical reason for this to be changed back.
> 
> Root is a "system level" account not a user account under control of the OS
> and not the desktop.  Root is to have full access to every process and
> application.  This has been a UNIX standard since the 1970's.  KDE is NOT a
> system level process.  KDE is a desktop which runs in the Presentation and
> Application of the OSI model (You guys have heard of the 7 layers of the OSI
> model?)  The root account is part of the System layer of this model.  When
> developing and application the developer is not to screw with the system
> functions.  These embedded flaws do just that by breaking root access to
> these bineries. 
> 
> Here's a suggestion...  Why don't developers take some courses in Linux
> Systems Engineering and learn the rules and standards that the operating
> systems are built by?  Clearly you all are not engineers or this would not
> be a problem and I would not be writing all this.  Take time to learn the
> OSI model that operating systems are designed by. 
> 
> One reason I was told for this change was Wayland now runs in the user
> space.  Yes this is the case when logged in under a normal user account the
> compositor runs under that account.  When logged in under a root account
> this is not the case the compositor then runs under the root account just
> fine.  Download a copy of Kali the the Gnome DE and you'll see Wayland does
> run under root when you are root.  So this reason is flawed.
> 
> I have yet to get a reply on any of this from you all.
> 
> Again I am the guy you are attempting to "keep out" of your processes and
> again I will say this.  If I have hacked a box and have a normal users
> access I am not going to attempt to hack a running kate of dolphin process
> running under root because THIS PROCESS CAN BE KILLED AT ANYTIME BY THE
> PERSON RUNNING THE PROCESS!  I will attempt to hijack a running SYSTEM
> PROCESS not a user application.
> 
> And again I write this below.  sorry to keep repeating myself but you all
> don't seem to be listening.
> 
> People like myself that must be logged in as root for work understand the
> risk and are careful and parinod while in root.  They also understand the
> risk and if anything bad happens they assume the risk.  As people like
> myself only work under the root account to only do the work needed and then
> change to a normal user account for normal use.  I don't need you to hold my
> hand and keep me safe.
> 
> Also I don't need someone who is not a qualified pen tester trying to
> "educate" me in my job or my work flow.  Your a coder NOT a security person.
> Please quit peeing in my pond and I will not pee in yours.
> 
> Yes I know I am being *rude* again well Mr. Rojas don't be rude and *read*
> what I have written and *don't* talk down to me like I am a noobie fool.
> 
> It is strange I keep getting noob replies on how to work but I have yet to
> get techinical responses to the techinical issues I have raised here.

I'd like to correct a typo.  I wrote:
"Clearly you do use the defacto industry standard disto (Kali) for pen testing to do manual testing of your code or you would understand the need for root access to applications. "

It should read "you don't use".

I'd also like to point out that on the Bug Report sites for SuSE, Kali and Kubuntu this is listed as a *Bug* not a feature.  It is only listed here as a good idea.  SuSE has fixed this flaw in their repos.  Kubuntu is hoping you will correct this and since KDE is not the default DE their answer is "use a different DE".

Please load up a version of Kali with KDE as the DE and tell me your fix is correct.

(In reply to Nate Graham from comment #84)
> *** Bug 413360 has been marked as a duplicate of this bug. ***

Well Nate here we are a year later having the same discussion.  I had a feeling after updating my system when my root login failed it would lead back to this exact same cause but I did have faith you all learned from last years mistake and was hoping this wasn't going to be the exact same problem but here we are.

In security after something breached we have what is called a "Lessons Learned" meeting to figure out what went wrong fix the problem and NEVER make the same mistake twice.  Clearly this is not the case with developers.

You did last year after about 9 months fix dolphin and kate to work as normal and I thank you for that.  You even included a nice warning message on dolphin to be careful you are in root.  That was all that was needed.  A warning not a lock out.

Again I to point out this work does NOTHING to secure the system a simple CTL ATL F1 and you can get a tty and you can log in as root.  The only thing you have accomplish is keeping me from getting any work done.

I want to point out something you could do to actually secure the system.  These days it is hard to find a login screen that doesn't have bubbleheads with the user names and photos on it or a login box that doesn't keep the last user name in the login box.  Having all the users listed on the login screen gives an attacked half the puzzle when brute forcing a password.  Plus it is real ugly in an office where there are 15 users on a machine.  All them bubbleheads.  One thing that helps secure Linux in a brute force password attack is you have to know the user account name to run an attack.  Having the name and photo of the user on the login screen gives you this information.  Even Windows gives you a login screen with blank fields.

So when can I have my desktop back???

I understand that you're frustrated. I'm frustrated too. If you have the appropriate technical skills, you could help to review https://phabricator.kde.org/D21795 and https://phabricator.kde.org/D21783? That's the path forward here.

(In reply to Nate Graham from comment #86)
> I understand that you're frustrated. I'm frustrated too. If you have the
> appropriate technical skills, you could help to review
> https://phabricator.kde.org/D21795 and https://phabricator.kde.org/D21783?
> That's the path forward here.

I did look over the links.  I didn't see any discussion on locking root out of logins or why this should be done.  I admit I'm not a coder I'm a security guy.  I don't write applications or systems I break into them.  Last year I pointed out many reasons that actions like this do nothing to secure the system.  Again this does nothing to secure the system only break the DE.  Again CTL ATL F1 defeats your patch and will give you a root login.

Think about it hacks are normally done remotely through a system level service or process.  A DE isn't the point of entry.  Crippling the DE does nothing to keep an attacker out.  Even a local hack doesn't secure the system if an account is compromised with sudo access so locking the root login does not to secure the system.  Really you all are spending time and resources to fix a problem that doesn't exist.

Really if you want to do something to really secure your DE then remove the bubbleheads on the login screen with the user names and photos and blank all the login fields.  Really this IS a security problem.

As I said before on with local access to the machine you have given me half the problem of brute forcing an account, the user name.  Even more so with the photo.  Let's say John has an account on a machine I could "guess" his user name is john but what if his user name is "frogger" I could brute force john unitl the end of time and get no where.  If I walk my his machine and see his photo then I know his login is frogger so now I know what user name to brute force.

Nate you said "That's the path forward here." do I need to login in there to fight this battle?

PLEASE!!!! could I have my desktop back!

If I remember correctly, this is a Dolphin file manager. I read big players plan to leave support for Plasma and KDE. In Kali update program plasma product dont work, synaptic work. I am no longer interested in constantly updating and constantly adding actions that I do not need, every new version uploads 200-300 files initially, and this is repeated all the time on verzion x,x 01 to x. x.5 .
After that a new plsma version, new round of the same

Bo Weaver from comment #89)


We didn't understand each other, when I listed the number of files I meant Neon Plasma (not testing), every update with e.g. 5.16.5 to 5.17.0 is a minumum of> 200 files to update, following an update that will release 5.17.1 again at least> 200 files. This goes into the cycle to 5.17.5 and then leaps to the new version 5.18.0. Does anyone keep a gun on their developers that they have to throw out an update that they repair afterwards? As for Kali he is an RR distribution and there is an understandable number of files to update. All of this reminds me of some of the medicines I have been drinking for over 10 years and have now been withdrawn from sale because they cause cancer, the 10 years it took finds out that dolphin is not ok, what is the purpose of such a file manager in relation to other file managers?

Created attachment 123528 [details]
Security Report on the Functions of the KDE Desktop

(In reply to Nate Graham from comment #86)
> I understand that you're frustrated. I'm frustrated too. If you have the
> appropriate technical skills, you could help to review
> https://phabricator.kde.org/D21795 and https://phabricator.kde.org/D21783?
> That's the path forward here.

My technical skills are in internet security.  I have reviewed the two supplied links and attached a report of my findings on the found security flaws.  Please respect the fact I have done this for free in order to help the development team in their security processes.  Normally I get paid for a report such as this but in the spirit of open source this is free for anyone to use.

One question I have that needs to be urgently answered is when will access to the root login be returned?

I am a retired person, but I have spent my entire life leading a large computer center and at the end of my career leading and modernizing the municipal administration. All that linux and win I had was on the mainframe many years ago.
Now purely from the hobby I use linux, with me every plasma linux can be rooted in GUI mode. I did not intervene in the code, but I do. Neon user edition, Manjaro, Calculate (gentoo with installer, without systemd), Kali RR and log in wit gui and work in GUI environment. I have the first three listed distros on ex4 and on the btfrs file system. It is devastating that someone is forcing the btrfs file system, and just because they say it for free, we realized that it was wrong. We are not in kindergarten so we develop toys, I do not want to play with something that is not for play, for these reasons I have cited an example of a drug that now, after so many years, is found to cause cancer, a cure for the stomach that I have used all the time . While I used windows a little, I never had as many problems with as many re-installations as in linux. I need linux to do the same thing as windows and not to study and look for glitches that someone makes in a strong desire to prove something and I don't know what they want.

(In reply to Nate Graham from comment #86)
> I understand that you're frustrated. I'm frustrated too. If you have the
> appropriate technical skills, you could help to review
> https://phabricator.kde.org/D21795 and https://phabricator.kde.org/D21783?
> That's the path forward here.

I have checked both the links and I don't see any movement to fix this problem and no discussion on my report.

When can I have my desktop back???  PLEASE! give me an ETA.

So, this bug is pestering KDE users for a decade already. 

Is David Faure still alive or does he has other hobbies nowadays?

Isn't this a sign on the wall to NOT use KIO at all and revert back to the state that it just worked?

(In reply to blueball from comment #95)
> So, this bug is pestering KDE users for a decade already. 
> 
> Is David Faure still alive or does he has other hobbies nowadays?
> 
> Isn't this a sign on the wall to NOT use KIO at all and revert back to the
> state that it just worked?

My best advice is change to XFCE and stop putting up with fools that think they are Gods.  I did.

XFCE has come a long way and it is a stable secure DE and the developers listen to their users.  XFCE is now the default DE for Kali for this reason.  The Kali developers got tired of fixing there developers screw ups and went to XFCE.

Another good reason to change is these developers don't do proper security testing of their code using the common tools of the industry.  Please read my attached report in PDF from several months ago.

(In reply to petrk from comment #102)
> That revert was stuck for a year. I don't see it going anywhere with
> dissatisfied users being called "vocal minority".
> 
> I'm not speaking for myself, as I don't mind doing stuff via terminal.
> However, KDE lately was aiming more towards new users. Why would they be
> forced to learn their way around console, or to keep different file manager
> just to edit some files in restricted areas?

I wrote about this back in 2019 and they aren't going to listen.  The developers here seem to know better than you and me and are protecting us from ourselves.  My best fix found is XFCE.  It is a great DE and the developers don't mess with root access.  BTW I was a KDE user since the 90's and finally gave up.

(In reply to Bo Weaver from comment #103)
> (In reply to petrk from comment #102)
> > That revert was stuck for a year. I don't see it going anywhere with
> > dissatisfied users being called "vocal minority".
> > 
> > I'm not speaking for myself, as I don't mind doing stuff via terminal.
> > However, KDE lately was aiming more towards new users. Why would they be
> > forced to learn their way around console, or to keep different file manager
> > just to edit some files in restricted areas?
> 
> I wrote about this back in 2019 and they aren't going to listen.  The
> developers here seem to know better than you and me and are protecting us
> from ourselves.  My best fix found is XFCE.  It is a great DE and the
> developers don't mess with root access.  BTW I was a KDE user since the 90's
> and finally gave up.

Never finished the story, happiness there is a Krusader, so it is possible to start this file manager in root mode with sudo. Sometimes a great program Dolphin is nothing now. Discover the same hour works or doesn't work or need an eternity to load update. Every update of the plasme happens, I am interfering, I have the impression that something changes and there is no purpose. I advertised on the forum Thermal Monitor KJI works in all other Linuxima and only the update plasms from 5.21 to 5.22 it was raiding, Instal Xysguard does not help me. Developers are more and more like Windows developers, they know what we need and think of us and protect us from ourselves.

Created attachment 143028 [details]
attachment-20868-0.html

> It is a great DE and the developers don't mess with root access.

I myself use icewm but I use some great KDE applications such as
konsole. Okular is also fine. I don't use KDE5 myself, largely because
it became too much of a hassle to compile it from source. I can compile
most of it but then "startx" no longer works; it crashes soon after it
tries to load. KDE3 worked fine; I have no idea why the quality
decreased so much. For the record I can compile from source and use
startx for icewm, fluxbox, mate-desktop, xfce, lxqt. Somehow the big
DEs moved towards Average Joe - which is ok in itself, but they also
dumbed things down for the power users immensely. No idea why
the KDE devs joined that - perhaps economic reasons. See GNOME.

The issue in regards to pestering the superuser is deeper, though and
not solely confined to kio or any individual component. I could not
use kate as the superuser. I read the code and in the CPP source code
there are a few lines #define - so the whole application is deliberately
and maliciously crippled via ~5 lines. You remove it, then recompile
and it works fine. Other editors don't have this crippling aspect. I
have no idea why the kate devs went that route. I tried to explain to
them that it is utterly stupid to cripple functionality that works perfectly
well. The proper use may be to show a warning but continue to use
rather than this "I won't start at all because YOU ARE A BAD BOY".

I decide for my own anyway and other editors work fine so why is
some random average joe KDE dev thinking he knows it all better?
To the point of crippling functionality? The usual "argument" used is
"because YOU COULD KILL PEOPLE" aka "damage your system". I
could not care any less about it. I care about devs crippling my system
randomly and arbitrarily - that part is annoying. THAT is the big
problem with both KDE and GNOME - individual devs who think they
are right and then subject and subjugate the downstream users.

This point is made even worse by the fact that it's just a few crappy
#defines. I mean IF you really want to restrict the super user because
you hate the super user then at the least write beautiful code that
restricts this RATHER THAN THIS CRAP FEW #define STATEMENTS that
are an insult to any 8 years old that can use an editor as-is.

There used to be a work around for kate via an ENV variable. I tried
it - and it did not work. That was years ago. I then complained about
it. At first it seemed to effect change, but then, whoever is calling
the shots, decided that KDE is now going for the Average Joe and
Average Joe is never ever allowed to be super user. Ever. For
whatever the reason (again, I don't understand it, but these devs
cater to the average joe, and they have a point too - we power users
are in the minority now. Everything has been dumbed down and
the restrictions to cripple functionality in regards to the superuser
is PRECISELY one example of this dumb-down trend. And it will
continue, we all know that. The bigger the DE, the more and more
dumbed down it will be - just look at GNOME for where KDE is
headed. Note: I have nothing against simplifications or usability
improvements. What I have something against is the attempt
to restrict and cripple users deliberately rather than assume
that they know better and can decide for their own - and yes,
we can decide, but not when topdown developers want to coerce
others into their world view. And THAT is the fundamental problem.)

On Wed, Oct 27, 2021 at 10:44 AM lega99 <bugzilla_noreply@kde.org> wrote:

> https://bugs.kde.org/show_bug.cgi?id=179678
>
> --- Comment #104 from lega99 <dragan.legic@mail.ru> ---
> (In reply to Bo Weaver from comment #103)
> > (In reply to petrk from comment #102)
> > > That revert was stuck for a year. I don't see it going anywhere with
> > > dissatisfied users being called "vocal minority".
> > >
> > > I'm not speaking for myself, as I don't mind doing stuff via terminal.
> > > However, KDE lately was aiming more towards new users. Why would they
> be
> > > forced to learn their way around console, or to keep different file
> manager
> > > just to edit some files in restricted areas?
> >
> > I wrote about this back in 2019 and they aren't going to listen.  The
> > developers here seem to know better than you and me and are protecting us
> > from ourselves.  My best fix found is XFCE.  It is a great DE and the
> > developers don't mess with root access.  BTW I was a KDE user since the
> 90's
> > and finally gave up.
>
> Never finished the story, happiness there is a Krusader, so it is possible
> to
> start this file manager in root mode with sudo. Sometimes a great program
> Dolphin is nothing now. Discover the same hour works or doesn't work or
> need an
> eternity to load update. Every update of the plasme happens, I am
> interfering,
> I have the impression that something changes and there is no purpose. I
> advertised on the forum Thermal Monitor KJI works in all other Linuxima and
> only the update plasms from 5.21 to 5.22 it was raiding, Instal Xysguard
> does
> not help me. Developers are more and more like Windows developers, they
> know
> what we need and think of us and protect us from ourselves.
>
> --
> You are receiving this mail because:
> You are on the CC list for the bug.

Hi. Please delete this comment if you think that it brings nothing of value here. I'm not intending to disobey any rules or anything.

> This imho silly decision to disable sudo access to Dolphin just created
> negative publicity outside our GNU/Linux echo chamber. This is from a quite
> famous Youtuber doing a "Linux challenge":
> https://www.youtube.com/watch?v=5MAlgKdsdvg&t=2886s
> 
> It is a reality check and a wake-up call if we ever needed one.
I am an example of a person who found out about this issue via this video. And it won't be an exaggeration to say that I'm just astonishingly shocked after reading the history of this issue and comments here. I've never used KDE much, but I've always assumed that it is a software made by professional people that works in the interest of its user. Oh boy, how wrong have I been. I would've expected this kind of hostile behavior toward users and ignoring their needs from Microsoft, or maybe Adobe. Somehow, you the KDE authors have managed to be even worse here. 
I've decided that I will never use KDE in the future, regardless of whether this particular issue gets fixed or not, and I will promote the same message to other people. I sincerely believe that there should be no place in the software industry for this kind of anti-user behaviour.

(In reply to Yaroslavik from comment #107)
> Hi. Please delete this comment if you think that it brings nothing of value
> here. I'm not intending to disobey any rules or anything.
> 
> > This imho silly decision to disable sudo access to Dolphin just created
> > negative publicity outside our GNU/Linux echo chamber. This is from a quite
> > famous Youtuber doing a "Linux challenge":
> > https://www.youtube.com/watch?v=5MAlgKdsdvg&t=2886s
> > 
> > It is a reality check and a wake-up call if we ever needed one.
> I am an example of a person who found out about this issue via this video.
> And it won't be an exaggeration to say that I'm just astonishingly shocked
> after reading the history of this issue and comments here. I've never used
> KDE much, but I've always assumed that it is a software made by professional
> people that works in the interest of its user. Oh boy, how wrong have I
> been. I would've expected this kind of hostile behavior toward users and
> ignoring their needs from Microsoft, or maybe Adobe. Somehow, you the KDE
> authors have managed to be even worse here. 
> I've decided that I will never use KDE in the future, regardless of whether
> this particular issue gets fixed or not, and I will promote the same message
> to other people. I sincerely believe that there should be no place in the
> software industry for this kind of anti-user behaviour.

This issue is a major frustration for me as well. I still use KDE because it gives me a lot of flexibility in other areas, and is not as dumbed down as Gnome, or as archaic as XFCE. Actually, when I think about it, the fact that you can no longer customize things graphically to any serious extent in e.g. Gnome is almost as painful. Still, I agree that denying root priveleges is a major violation of a fundamental concept in Linux. You can get round it by e.g. using Krusader, but why should you?
I've recently tried MX Linux and I was amazed to find that Dolphin does work there as it should. No problem going into root mode. So they must have "hacked" it for their distro. I would definitely use MX Linux, then, if it weren't for the fact that they've got their own limitations which affect me: I've got an optimus laptop (Intel + Nvidia GFX card) and I can't run the whole system on Nvidia, I can only start individual apps in "Nvidia mode", which can work as long as you don't need to use HDMI output (which is routed from the Nvidia card) - so no other monitors, no projectors.... Also, Cuda doesn't work on MX Linux, so no wasy to use GPU rendering in Blender. But for those who don't need these features, MX Linux KDE might be the distro.