david at fubar.dk
Fri Nov 20 16:53:11 PST 2009
On Fri, 2009-11-20 at 19:29 -0500, David Zeuthen wrote:
> For example, 'pkexec bash' is indeed safe even when your session is
> compromised exactly because (one-shot) authentication would happen in
> another security context (and because pkexec(1) itself runs in a
> separate security context because it is setuid root).
(Granted, if you have a compromised session, giving it a root shell
isn't really a great idea ;-) ... The point, however, is that you can
safely (insofar as you can verify the command via e.g.
or similar) run super-user commands via pkexec(1) from a compromised
session without your root password being snooped - for example, you
could launch a new session or something.)