Hello,
When right click in the SFTP remote directory to create a new file, Dolphin sets the permission bit to Access: (7777/-rwsrwsrwt). I don’t think this is a good default permission mode and could lead to privilege escalation. But didn’t find a way to configure it.
It also seems that Kate doesn’t maintain ownership of files when dealing with remote directory saves. It deletes the original and recreate it while original permissions are lost. e.g.
public/ : user(root) group(users) access(drwxrwxr-x)
- file : user(alice) group(users) access(-rw-rw-r--)
When bob (in users group) edit file and save using Kate, the original permissions are lost, creating:
public/ : user(root) group(users) access(drwxrwxr-x)
- file : user(bob) group(bob) access(-rw-rw-r--)
In this case alice will lost the file control and have no permission on file.
For another situation:
public/ : user(root) group(root) access(drwxr-xr-x)
- file : user(alice) group(users) access(-rw-rw-r--)
Though bob can edit the file (granted by group write), Kate will throw a permission error.
However, if using vim over Dolphin the permission is all right, so as editing a local file.
What component could this be a problem with? I understand that remote folders are handled by KIO in KDE, and I’m not sure which category to file a bug for such an issue.