http://bugzilla.suse.com/show_bug.cgi?id=1124339 http://bugzilla.suse.com/show_bug.cgi?id=1124339#c1 Matthias Gerstner <matthias.gerstner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |matthias.gerstner@suse.com Summary|Blueman 2.0.8 adds new |AUDIT-0: blueman: Blueman |blueman.rules to |2.0.8 adds new |/usr/share/polkit-1/rules.d |blueman.rules to |/blueman.rules |/usr/share/polkit-1/rules.d | |/blueman.rules --- Comment #1 from Matthias Gerstner <matthias.gerstner@suse.com> --- Thank you for bringing this to our attention. In the SUSE security team we have decided a while ago that we don't want to follow the special meaning of the "wheel" group as being treated equivalent to root in our distribution. We currently have a couple of rules like this in /usr/share/polkit-1/rules.d but most of them aren't affective anyways, because our polkit-default-privs in /etc/polkit-1/rules.d take precedence, except when the file starts with a number like "00-blueman.rules". We are planning to require a whitelisting for files in /usr/share/polkit-1/rules.d in the future and to move files out of this directory that don't match our policies. Therefore in your case I suggest you install this rules file as an example file e.g. under /usr/share/doc/packages/blueman. This way uses can activate this rule manually if they really want to, but the default security remains untouched. -- You are receiving this mail because: You are on the CC list for the bug.