:: Re: [DNG] XFCE : Granted permission…
Top Page
Delete this message
Reply to this message
Author: marc
Date:  
To: dng
Subject: Re: [DNG] XFCE : Granted permissions without asking for password
> > Policykit's configuration is yet another pseudo-language you have to
> > learn unless you can get rid of it, which is hard to do completely :-(
> >
> >     Didier

>
> Ok. Thanks. I'll dig in that direction. Based on this and many other
> incidents, policykit seems to be a big, gaping security hole.


Yup, it is a major security risk. Polkitd links in an xml parser,
the perl compatible regular expression library and the gobject
infrastructure of gtk.

That adds a zillion lines of code to many security-critical
applications and increases the attack surface in the same proportion.

It also makes it harder to trim down the minimal-server installation ...

regards

marc