Bug ID 1143216
Summary AUDIT-0: mousepad: New PolKit rules added
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter tux93@opensuse.org
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

Created attachment 811924 [details]
Full build log

mousepad update 0.4.2 has added polkit rules

[   84s] RPMLINT report:
[   84s] ===============
[   85s] mousepad.x86_64: I: polkit-cant-acquire-privilege org.xfce.mousepad
(no:auth_admin:auth_admin)
[   85s] Usability can be improved by allowing users to acquire privileges via
[   85s] authentication. Use e.g. 'auth_admin' instead of 'no' and make sure to
define
[   85s] 'allow_any'. This is an issue only if the privilege is not listed in
[   85s] /etc/polkit-default-privs.*
[   85s] 
[   85s] mousepad.x86_64: W: package-with-huge-docs  55%
[   85s] More than half the size of your package is documentation. Consider
splitting
[   85s] it into a -doc subpackage.
[   85s] 
[   85s] mousepad.x86_64: E: polkit-untracked-privilege (Badness: 10000)
org.xfce.mousepad (no:auth_admin:auth_admin)
[   85s] The privilege is not listed in /etc/polkit-default-privs.* which makes
it
[   85s] harder for admins to find. Furthermore polkit authorization checks can
easily
[   85s] introduce security issues. If the package is intended for inclusion in
any
[   85s] SUSE product please open a bug report to request review of the package
by the
[   85s] security team. Please refer to
[   85s]
https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for
[   85s] more information.
[   85s] 
[   85s] (none): E: badness 10000 exceeds threshold 1000, aborting.
[   85s] 3 packages and 0 specfiles checked; 1 errors, 1 warnings.

OBS Repo:
https://build.opensuse.org/package/show/home:tux93:branches:X11:xfce/mousepad

You are receiving this mail because: