On 7 May 2010 01:34, Baybal Ni <nikuli...@gmail.com> wrote: > Yes, if it's security matter at least make it working without suid root > first, like use pam instead. This policykit is hardly a security framework. > > On 7 May 2010 01:26, "Richard Hughes" <hughsi...@gmail.com> wrote: > > On 7 May 2010 09:02, Baybal Ni <nikuli...@gmail.com> wrote: >> Why I can't compile upower without pol... > > Because UPower uses PolicyKit as a security framework. Why do you want > to change it? > > Richard. > Just for its extensive use of such a suboptimal thing as suid it can be banished from some distros which accents on security. Secondly, a hack to pk client means that pk will issue whatever permissions set by user of defaults without further checks. And, thirdly a simplest hack will be launching a fake dbus, and exploiting it for whatever reason.
PK utilises pam, and thus should be able to do things is a somehow more safe way, while it's not utilising even a glimpse of its features. _______________________________________________ devkit-devel mailing list devkit-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/devkit-devel
