[Bug 1130388] New: deepin-clone: polkit-untracked-privilege badness
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 Bug ID: 1130388 Summary: deepin-clone: polkit-untracked-privilege badness Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: All OS: openSUSE Factory Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: hillwoodroc@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- [ 129s] deepin-clone.x86_64: E: polkit-untracked-privilege (Badness: 10000) com.deepin.pkexec.deepin-clone (auth_admin:auth_admin:auth_admin) [ 129s] The privilege is not listed in /etc/polkit-default-privs.* which makes it [ 129s] harder for admins to find. Furthermore polkit authorization checks can easily [ 129s] introduce security issues. If the package is intended for inclusion in any [ 129s] SUSE product please open a bug report to request review of the package by the [ 129s] security team. Please refer to [ 129s] https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for [ 129s] more information. [ 129s] [ 129s] (none): E: badness 10000 exceeds threshold 1000, aborting. [ 129s] 3 packages and 0 specfiles checked; 1 errors, 2 warnings. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 http://bugzilla.opensuse.org/show_bug.cgi?id=1130388#c1 --- Comment #1 from Hillwood Yang <hillwoodroc@gmail.com> --- Created attachment 801090 --> http://bugzilla.opensuse.org/attachment.cgi?id=801090&action=edit com.deepin.pkexec.deepin-clone.policy Please reveiwe this file. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 http://bugzilla.opensuse.org/show_bug.cgi?id=1130388#c2 --- Comment #2 from Hillwood Yang <hillwoodroc@gmail.com> --- This package is at https://build.opensuse.org/package/show/X11:Deepin:Factory/deepin-clone -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 http://bugzilla.opensuse.org/show_bug.cgi?id=1130388#c6 --- Comment #6 from Hillwood Yang <hillwoodroc@gmail.com> --- (In reply to Matthias Gerstner from comment #5)
I just realize that there is still bug 1070943 pending for deepin-api. Do you have a new version there with the patches included?
Yes, I have updated bug 1070943. Thanks! -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 Felix Yan <felixonmars@archlinux.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |felixonmars@archlinux.org OS|openSUSE Factory |All -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 http://bugzilla.opensuse.org/show_bug.cgi?id=1130388#c13 Hillwood Yang <hillwoodroc@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED CC| |justforlxz@gmail.com Resolution|NORESPONSE |--- --- Comment #13 from Hillwood Yang <hillwoodroc@gmail.com> --- Assign to justforlxz@gmail.com -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 http://bugzilla.opensuse.org/show_bug.cgi?id=1130388#c1 --- Comment #1 from Hillwood Yang <hillwoodroc@gmail.com> --- Created attachment 801090 --> http://bugzilla.opensuse.org/attachment.cgi?id=801090&action=edit com.deepin.pkexec.deepin-clone.policy Please reveiwe this file. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 http://bugzilla.opensuse.org/show_bug.cgi?id=1130388#c2 --- Comment #2 from Hillwood Yang <hillwoodroc@gmail.com> --- This package is at https://build.opensuse.org/package/show/X11:Deepin:Factory/deepin-clone -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 http://bugzilla.opensuse.org/show_bug.cgi?id=1130388#c6 --- Comment #6 from Hillwood Yang <hillwoodroc@gmail.com> --- (In reply to Matthias Gerstner from comment #5)
I just realize that there is still bug 1070943 pending for deepin-api. Do you have a new version there with the patches included?
Yes, I have updated bug 1070943. Thanks! -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 Felix Yan <felixonmars@archlinux.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |felixonmars@archlinux.org OS|openSUSE Factory |All -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130388 http://bugzilla.opensuse.org/show_bug.cgi?id=1130388#c13 Hillwood Yang <hillwoodroc@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED CC| |justforlxz@gmail.com Resolution|NORESPONSE |--- --- Comment #13 from Hillwood Yang <hillwoodroc@gmail.com> --- Assign to justforlxz@gmail.com -- You are receiving this mail because: You are on the CC list for the bug.
participants (2)
-
bugzilla_noreply@novell.com
-
bugzilla_noreply@suse.com