Agent Authentication Question
Colin Walters
walters at verbum.org
Wed Jun 3 19:44:13 PDT 2015
On Wed, Jun 3, 2015, at 05:22 PM, Colin Walters wrote:
> Or should I just revert it?
I ended up pushing a revert, as I wanted to cleanly investigate other options.
> # Idea 1: Pass and verify uid
> - Add a new API AuthenticationAgentResponse2 which also takes a uint32 uid.
> - Change polkit-agent-helper-1 to read the real uid, and try calling the new API, falling back if it doesn't exist (for the case where a package is upgraded but the service wasn't restarted)
> - Change get_authentication_session_for_cookie() to match session->subject with that uid
I started this in https://bugs.freedesktop.org/show_bug.cgi?id=90837
More information about the polkit-devel
mailing list