Security considerations in PolicyKit-enabled daemons
hughsient at gmail.com
Tue Jul 14 13:39:33 PDT 2009
2009/7/14 David Zeuthen <david at fubar.dk>:
> Not right now. Suggest to just refer to "the PolicyKit-1 man page",
> there's ASCII versions in the actual man page so it is just as usable.
Okay, I've done this, thanks.
> Maybe in the policy file is fine enough. Then you can just link to that
I'll do this tomorrow. Do you have any standard way (or
recommendations) on how to document policy files?
> Nope, such an attack is not possible.
> Anyway, all this crap is nicely hidden in the PolkitAgentSession class
> but it is important to know how it works.
> Hope this clarifies.
Yes, thanks for the superb explanation.
More information about the polkit-devel