Bug ID 1089436
Summary AUDIT-0: security audit for the new polkit policy of LightDM
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter sor.alexei@meowr.ru
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

There is a way polkit policy in LightDM 1.26.0 onwards
(https://github.com/CanonicalLtd/lightdm/commit/6015bce) for some extra
features, but which causes this:
> lightdm.x86_64: I: polkit-cant-acquire-privilege org.freedesktop.DisplayManager.AccountsService.ModifyAny (no:no:no)
> lightdm.x86_64: E: polkit-unauthorized-privilege (Badness: 10000) org.freedesktop.DisplayManager.AccountsService.ModifyOwn (yes:yes:yes)
> lightdm.x86_64: E: polkit-unauthorized-privilege (Badness: 10000) org.freedesktop.DisplayManager.AccountsService.ReadAny (yes:yes:yes)
> lightdm.x86_64: E: polkit-untracked-privilege (Badness: 10000) org.freedesktop.DisplayManager.AccountsService.ModifyAny (no:no:no)

So I ask for security audition from the openSUSE Security Team.

You are receiving this mail because: