Bug ID 967436
Summary need review for brltty polkit action
Classification openSUSE
Product openSUSE Tumbleweed
Version 2015*
Hardware All
OS Linux
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter mgorse@suse.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

Brltty has an API that allows applications such as orca to communicate with it
to write to a refreshable Braille display. This should be allowed for a user
logged in locally but probably not for a remote user. The current default
authentication method is to require the user to be able to read
/etc/brlapi.key, requiring the user to be added to the brlapi group.

I have added support for authentication via polkit. This allows a local user to
authenticate without needing to be added to a special group first. The patch is
upstream but not in a release yet. I have a version of brltty with the polkit
patch applied in home:mgorse:branches:hardware on OBS, but it adds a new polkit
action, so I need a review from security.

You are receiving this mail because: