Bug ID 1012961
Summary Flatpak / polkit permissions need to be reviewed
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter dimstar@opensuse.org
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

When a system is configured to make use of flatpak (system wide), then
gnome-software treats them similar to normal packages in that it refreshes the
metadata (repo) and offers the flats for update.

The permissions for PackageKit are set that 'repo refresh' and 'package
updates' are allowed by user without extended permissions.

For flatpak, even the repo refresh requires root permission (which means, a
system on boot up requires root if there are system flats installed, as
gnome-software's update monitor will ask for a repo refresh)

I'd like to see the permissions to be loosened up similar to what we have in
Packagekit

>org.freedesktop.packagekit.system-update        auth_admin_keep_always:auth_admin_keep_always:yes

hence

>org.freedesktop.Flatpak.app-update              auth_admin:auth_admin:auth_admin_keep
>org.freedesktop.Flatpak.runtime-update          auth_admin:auth_admin:auth_admin_keep
>org.freedesktop.Flatpak.appstream-update        auth_admin:auth_admin:auth_admin_keep

Should be replaced with

>org.freedesktop.Flatpak.app-update              auth_admin_keep_always:auth_admin_keep_always:yes
>org.freedesktop.Flatpak.runtime-update          auth_admin_keep_always:auth_admin_keep_always:yes
>org.freedesktop.Flatpak.appstream-update        auth_admin_keep_always:auth_admin_keep_always:yes

You are receiving this mail because: