Polkit-1 Shadow Patch
Andrew Psaltis
ampsaltis at gmail.com
Sun Jun 20 14:14:08 PDT 2010
David,
I was wondering what the status of my patch is.
It is currently in at least one distribution's package and no problems have
been reported so far, so all that seems to be left is just a review so it
can hit upstream.
Also, I was wondering if you could take a look at the potential security bug
that Petr Mrazek found a little while ago:
http://lists.freedesktop.org/archives/polkit-devel/2010-May/000308.html
I understand that you are busy with other projects, but given the necessity
and importance of polkit-1 in modern desktops, I would appreciate it if you
could look into getting it into the mainline as soon as it is possible. I
will have time to implement any fixes that are suggested in the near future.
~Andrew
On Fri, Mar 19, 2010 at 6:22 PM, Andrew Psaltis <ampsaltis at gmail.com> wrote:
> Hi again.
>
> After looking at the previous patch a little bit, it seems that there were
> some bugs in handling authorization errors, but did not have time to correct
> them until recently. This (new) patch should correct them. The
> caveats/comments in the previous message still apply.
>
> ~Andrew
>
>
> On 2010-01-15 21:50, Andrew Psaltis wrote:
>
>> Hello.
>>
>> Attached is a patch that allows the use of polkit-1 without PAM. It is
>> based on suggestions that David provided to Robby Workman (pretty much
>> fooling the authenticator into thinking the helper is using PAM). Robby
>> and I tested the patch on modified Slackware installations, and it seems
>> to work correctly.
>>
>> While this allows for polkit-1 to be used without PAM, running "startx"
>> from console logins will not "poke" ConsoleKit as it should. I had to
>> log in with gdm to be able to get ConsoleKit to be happy.
>>
>> The only thing I was not sure of was how to handle the applications of
>> per-user limits using just shadow in pkexec. I can do more research on
>> this if need be (and if so, pointers would be appreciated).
>>
>> ~Andrew
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/polkit-devel/attachments/20100620/e5315592/attachment.html>
More information about the polkit-devel
mailing list