Bug ID | 967436 |
---|---|
Summary | need review for brltty polkit action |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | 2015* |
Hardware | All |
OS | Linux |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | security-team@suse.de |
Reporter | mgorse@suse.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
Brltty has an API that allows applications such as orca to communicate with it to write to a refreshable Braille display. This should be allowed for a user logged in locally but probably not for a remote user. The current default authentication method is to require the user to be able to read /etc/brlapi.key, requiring the user to be added to the brlapi group. I have added support for authentication via polkit. This allows a local user to authenticate without needing to be added to a special group first. The patch is upstream but not in a release yet. I have a version of brltty with the polkit patch applied in home:mgorse:branches:hardware on OBS, but it adds a new polkit action, so I need a review from security.