http://bugzilla.opensuse.org/show_bug.cgi?id=1134131 Bug ID: 1134131 Summary: AUDIT-0: deepin-file-manager: new polkit actions of deepin-file-manager Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: All OS: openSUSE Factory Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: hillwoodroc@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Created attachment 804187 --> http://bugzilla.opensuse.org/attachment.cgi?id=804187&action=edit com.deepin.pkexec.usb-device-formatter.policy Please check them, thanks! [ 556s] deepin-file-manager.x86_64: E: polkit-untracked-privilege (Badness: 10) com.deepin.filemanager.daemon.NewCopyJob (auth_admin:auth_admin:auth_admin) [ 556s] deepin-file-manager.x86_64: E: polkit-untracked-privilege (Badness: 10) com.deepin.filemanager.daemon.NewCreateFolderJob (auth_admin:auth_admin:auth_admin) [ 556s] deepin-file-manager.x86_64: E: polkit-untracked-privilege (Badness: 10) com.deepin.filemanager.daemon.NewCreateTemplateFileJob (auth_admin:auth_admin:auth_admin) [ 556s] deepin-file-manager.x86_64: E: polkit-untracked-privilege (Badness: 10) com.deepin.filemanager.daemon.NewDeleteJob (auth_admin:auth_admin:auth_admin) [ 556s] deepin-file-manager.x86_64: E: polkit-untracked-privilege (Badness: 10) com.deepin.filemanager.daemon.NewMoveJob (auth_admin:auth_admin:auth_admin) [ 556s] deepin-file-manager.x86_64: E: polkit-untracked-privilege (Badness: 10) com.deepin.filemanager.daemon.NewRenameJob (auth_admin:auth_admin:auth_admin) [ 556s] deepin-file-manager.x86_64: E: polkit-untracked-privilege (Badness: 10) com.deepin.pkexec.dde-file-manager (auth_admin:auth_admin:auth_admin_keep) [ 556s] The privilege is not listed in /etc/polkit-default-privs.* which makes it [ 556s] harder for admins to find. Furthermore polkit authorization checks can easily [ 556s] introduce security issues. If the package is intended for inclusion in any [ 556s] SUSE product please open a bug report to request review of the package by the [ 556s] security team. Please refer to [ 556s] https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for [ 556s] more information. -- You are receiving this mail because: You are on the CC list for the bug.