Le 1 février 2022 02:49:24 GMT+01:00, scott092...@aol.com a écrit :
>I am curious about something...
>
>I thought the rationale of using PolicyKit over sudo was, that with sudo, the
>entire time an app was running,
>it was with administrative rights, thus there was a longer time for someone to
>try and take over in some way...
The main idea is not to have privileges for a shorter time but to do *less* as
a privileged user.
And the first reason to do the change is so that the *UI* doesn't need to run
as root which has been discouraged for a long time because it offers a huge
attack surface.
I've not looked at the code but I guess partition manager may need root for
scanning the disks and partitions, thus asking right away.
Or just for simplicity and not to have to do the polkit transaction from
various places in the code.
