Security considerations in PolicyKit-enabled daemons

Richard Hughes hughsient at
Tue Jul 14 13:39:33 PDT 2009

2009/7/14 David Zeuthen <david at>:
> Not right now. Suggest to just refer to "the PolicyKit-1 man page",
> there's ASCII versions in the actual man page so it is just as usable.

Okay, I've done this, thanks.

> Maybe in the policy file is fine enough. Then you can just link to that
> one.

I'll do this tomorrow. Do you have any standard way (or
recommendations) on how to document policy files?

> Nope, such an attack is not possible.
> Anyway, all this crap is nicely hidden in the PolkitAgentSession class
> but it is important to know how it works.
> Hope this clarifies.

Yes, thanks for the superb explanation.


More information about the polkit-devel mailing list