What | Removed | Added |
---|---|---|
Status | NEW | IN_PROGRESS |
Assignee | security-team@suse.de | matthias.gerstner@suse.com |
The policy file is not used programatically within the mousepad editor. So it's only for starting the editor explicitly as root via pkexec or a desktop icon. The default setting of `auth_admin` for the active and inactive user looks sensible to me. I consider further source code review unnecessary. Since this is a general purpose editor the results of running it as root depend mostly on what the user is interactively doing with it. I'm going to whitelist the polkit policy and submit to Factory.