https://harpi.cc/tags/race-condition/Recent content in Race-Condition on harpi - Security ResearcherHugoen-usMon, 06 Apr 2026 16:04:01 +0300https://harpi.cc/blog/cves/kde-kio-admin/Thu, 15 May 2025 00:00:00 +0000https://harpi.cc/blog/cves/kde-kio-admin/<blockquote> <p><em>&ldquo;When you want to know how things really work, study them when they&rsquo;re coming apart.&rdquo;</em> — William Gibson</p></blockquote> <h2 id="how-i-got-here">How I Got Here</h2> <p>In late 2024 I scoped out an engagement for <a href="https://www.radicallyopensecurity.com/">Radically Open Security</a> targeting <code>kio-admin</code> — the KDE component that gives Dolphin (KDE&rsquo;s file manager) the ability to perform file operations as root. The proposal was straightforward:</p> <blockquote> <p>Code audit and pentesting of <code>Dolphin</code> authorisation mechanisms as they are provided by <code>kio-admin</code> and <code>kio</code> framework.</p>