Bug ID | 1143216 |
---|---|
Summary | AUDIT-0: mousepad: New PolKit rules added |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | Current |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | security-team@suse.de |
Reporter | tux93@opensuse.org |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
Created attachment 811924 [details] Full build log mousepad update 0.4.2 has added polkit rules [ 84s] RPMLINT report: [ 84s] =============== [ 85s] mousepad.x86_64: I: polkit-cant-acquire-privilege org.xfce.mousepad (no:auth_admin:auth_admin) [ 85s] Usability can be improved by allowing users to acquire privileges via [ 85s] authentication. Use e.g. 'auth_admin' instead of 'no' and make sure to define [ 85s] 'allow_any'. This is an issue only if the privilege is not listed in [ 85s] /etc/polkit-default-privs.* [ 85s] [ 85s] mousepad.x86_64: W: package-with-huge-docs 55% [ 85s] More than half the size of your package is documentation. Consider splitting [ 85s] it into a -doc subpackage. [ 85s] [ 85s] mousepad.x86_64: E: polkit-untracked-privilege (Badness: 10000) org.xfce.mousepad (no:auth_admin:auth_admin) [ 85s] The privilege is not listed in /etc/polkit-default-privs.* which makes it [ 85s] harder for admins to find. Furthermore polkit authorization checks can easily [ 85s] introduce security issues. If the package is intended for inclusion in any [ 85s] SUSE product please open a bug report to request review of the package by the [ 85s] security team. Please refer to [ 85s] https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for [ 85s] more information. [ 85s] [ 85s] (none): E: badness 10000 exceeds threshold 1000, aborting. [ 85s] 3 packages and 0 specfiles checked; 1 errors, 1 warnings. OBS Repo: https://build.opensuse.org/package/show/home:tux93:branches:X11:xfce/mousepad