Hello Everyone, I've been having some issues with pol kit and I was hoping some of you might be able to answer some of my questions. What I want to do with it is allow one of my GUIs to execute a script, which in turns executes whatever commands are passed as arguments. I wanted to do this with polkit because of the tight security it provides with regards to authorisation, and temporarily caching authorisation. I know I'd need to be very careful about input sanitising to prevent a security hole - some notes about that are below.
However, I've found that auth_admin_keep doesn't work across sessions, unless you put it in the "allow_any" key, which I don't want to do - it's insecure. I think this is good, but I have no idea if this is how it is supposed to behave because I couldn't find any documentation on this. Does anyone know why this happens and if it should? The other issue is that the GUI has to run a lot of different commands, some of them repeatedly. I'd like to use auth_admin_keep for some subsets of these commands - repeatedly prompting for a password is really annoying. However, I'm unsure how to be absolutely sure that the GUI is calling pkexec, and that it isn't an attacker / some other program. I can check with "ps aux" to see if it is running, but beyond that, I'm unable to tell what the parent processes are when pkexec has granted privileges - it seems to hide that information. Is there a way I'm supposed to do this? I know these are fairly in depth questions, and you may not have answers, which is fine. Does anyone know where I might be able to ask for help on polkit-related issues? They don't seem to have IRC, but they do have a development mailing list - probably the wrong place to ask I think. Hamish McIntyre-Bhatty -- Next meeting: Bournemouth, Tuesday, 2018-06-05 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
