SUMMARY
The Joystick KCM tries to ensure that paths entered into the Device field are within the "/dev" directory. However, it fails to do so. It has two significant issues:

1. Path truncation. When an entered path has a "/dev" subpath somewhere in the middle, the path gets truncated. For example, "/your/long/path/dev/joy0" gets truncated to "/dev/joy0", and the KCM tries to use this incorrect path instead of throwing an error that the specified path is outside of "/dev".

2. Path canonicalization. Because the KCM doesn't canonicalize paths to check whether they are indeed under "/dev", it is vulnerable to path traversal. For example, it happily accepts "/dev/../your/path" as a valid path despite it being outside of "/dev".

SOFTWARE/OS VERSIONS
Operating System: KDE neon 5.23
KDE Plasma Version: 5.23.0
KDE Frameworks Version: 5.87.0
Qt Version: 5.15.3
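The two failure modes in the report, a substring/truncation check and a missing canonicalization step, are illustrated below in an added example that is not the Joystick KCM's code. naiveDevPath is a hypothetical reconstruction of the truncating behaviour described above (the actual KCM implementation is not on this page); validateDevicePath is the hardened check, built on C++17 std::filesystem so it runs without Qt. The hardened version resolves symlinks in the existing prefix with weakly_canonical before collapsing "..", then compares path components rather than string prefixes, so "/devices/joy0" is rejected too.

```cpp
#include <filesystem>
#include <string>
#include <system_error>
#include <iostream>

namespace fs = std::filesystem;

// Hypothetical reconstruction of the behaviour the report describes: find
// "/dev" anywhere in the entered string and keep only the tail. This is NOT
// the KCM's code; it exists only to show why the reported inputs go wrong.
std::string naiveDevPath(const std::string &entered) {
    const auto pos = entered.find("/dev");
    if (pos == std::string::npos)
        return "";
    return entered.substr(pos);  // "/your/long/path/dev/joy0" -> "/dev/joy0"
}

// True when every component of root matches the leading components of p and
// p has at least one more non-empty component, i.e. p is strictly inside root.
// A component-wise comparison avoids the "/devices" vs "/dev" prefix trap.
static bool isStrictlyUnder(const fs::path &p, const fs::path &root) {
    auto it = p.begin();
    for (auto rit = root.begin(); rit != root.end(); ++rit, ++it) {
        if (it == p.end() || *it != *rit)
            return false;
    }
    return it != p.end() && !it->empty();
}

// Hardened check: returns the resolved path when it lies strictly under /dev,
// or an empty string when the input must be rejected.
std::string validateDevicePath(const std::string &entered) {
    static const fs::path devRoot{"/dev"};
    const fs::path p{entered};

    // Relative paths are ambiguous and never acceptable for a device node.
    if (!p.is_absolute())
        return "";

    // weakly_canonical resolves symlinks in the longest existing prefix before
    // the remainder is normalized, so "/dev/link/../x" cannot escape through a
    // symlink. Components that do not exist yet are only normalized textually.
    std::error_code ec;
    const fs::path resolved = fs::weakly_canonical(p, ec);
    if (ec)
        return "";

    if (!isStrictlyUnder(resolved, devRoot))
        return "";
    return resolved.generic_string();
}

int main() {
    // Constructed inputs taken from the report plus a prefix-trap case.
    const char *samples[] = {
        "/your/long/path/dev/joy0",  // truncation case
        "/dev/../your/path",         // traversal case
        "/devices/joy0",             // string-prefix trap
        "/dev/./input/../joy0",      // legitimate, needs normalization
        "dev/joy0",                  // relative
    };
    for (const char *s : samples) {
        std::cout << s << "\n  naive:    '" << naiveDevPath(s)
                  << "'\n  hardened: '" << validateDevicePath(s) << "'\n";
    }
    return 0;
}
```

The remaining caveat is time-of-check/time-of-use: a component that does not exist at validation time is normalized textually, so the node should be opened with O_NOFOLLOW (or re-validated after opening via the resulting fd) rather than trusting the string later.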
Thank you for the bug report, and I'm sorry we weren't able to look into it yet. A lot has changed since it was reported; can I ask you to see if this is still an issue with Plasma 6.4 or later? Thanks a lot!
🐛🧹 ⚠️ This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information, then set the bug status to REPORTED. If there is no change for at least 30 days, it will be automatically closed as RESOLVED WORKSFORME. For more information about our bug triaging procedures, please read https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging. Thank you for helping us make KDE software even better for everyone!
🐛🧹 This bug has been in NEEDSINFO status with no change for at least 30 days. Closing as RESOLVED WORKSFORME.