[Bug 1143147] New: AUDIT-0: calamares: polkit-untracked-privilege
http://bugzilla.opensuse.org/show_bug.cgi?id=1143147 Bug ID: 1143147 Summary: AUDIT-0: calamares: polkit-untracked-privilege Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: opensuse.lietuviu.kalba@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Created attachment 811861 --> http://bugzilla.opensuse.org/attachment.cgi?id=811861&action=edit full build log For my package found in OBS in home:embar-:Lietukas/calamares I would like a whitelisting for the following rpmlint error: [ 408s] calamares.x86_64: I: polkit-cant-acquire-privilege com.github.calamares.calamares.pkexec.run (no:no:auth_admin) [ 408s] Usability can be improved by allowing users to acquire privileges via [ 408s] authentication. Use e.g. 'auth_admin' instead of 'no' and make sure to define [ 408s] 'allow_any'. This is an issue only if the privilege is not listed in [ 408s] /etc/polkit-default-privs.* [ 408s] <...> [ 408s] calamares.x86_64: E: polkit-untracked-privilege (Badness: 10000) com.github.calamares.calamares.pkexec.run (no:no:auth_admin) [ 408s] The privilege is not listed in /etc/polkit-default-privs.* which makes it [ 408s] harder for admins to find. Furthermore polkit authorization checks can easily [ 408s] introduce security issues. If the package is intended for inclusion in any [ 408s] SUSE product please open a bug report to request review of the package by the [ 408s] security team. Please refer to [ 408s] https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for [ 408s] more information. I would like to submit it later into Education/calamares and main openSUSE Factory/Tumbleweed repository. Please help with this package. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1143147
Mindaugas Baranauskas
participants (1)
-
bugzilla_noreply@novell.com