Why I can't compile upower without policykit and other *kit stuff?

Baybal Ni nikulinpi at gmail.com
Fri May 7 13:28:52 PDT 2010


On 7 May 2010 01:34, Baybal Ni <nikulinpi at gmail.com> wrote:
> Yes, if it's security matter at least make it working without suid root
> first, like use pam instead. This policykit is hardly a security framework.
>
> On 7 May 2010 01:26, "Richard Hughes" <hughsient at gmail.com> wrote:
>
> On 7 May 2010 09:02, Baybal Ni <nikulinpi at gmail.com> wrote:
>> Why I can't compile upower without pol...
>
> Because UPower uses PolicyKit as a security framework. Why do you want
> to change it?
>
> Richard.
>
Just for its extensive use of such a suboptimal thing as suid it can
be banished from some distros which accents on security. Secondly, a
hack to pk client means that pk will issue whatever permissions set by
user of defaults without further checks. And, thirdly a simplest hack
will be launching a fake dbus, and exploiting it for whatever reason.

PK utilises pam, and thus should be able to do things is a somehow
more safe way, while it's not utilising even a glimpse of its
features.


More information about the devkit-devel mailing list