https://bugzilla.novell.com/show_bug.cgi?id=814763 https://bugzilla.novell.com/show_bug.cgi?id=814763#c0 Summary: After changing policy kit permissions for updates to Administrator, Apper still does not require administrator privileges Classification: openSUSE Product: openSUSE 12.3 Version: Final Platform: 64bit OS/Version: openSUSE 12.3 Status: NEW Severity: Major Priority: P5 - None Component: KDE4 Applications AssignedTo: kde-maintainers@suse.de ReportedBy: grglsn765@gmail.com QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0 After changing policy kit permissions for updates to Administrator, Apper still does not require administrator privileges. I do not believe this is a duplicate of Bug 373618, as that fails to complete the update. In this instance, Apper's notification of available updates are approved with a simple click of "ok", and root permissions are not required. In the Actions Policy under System Settings, I went to org.freedesktop followed by The PackageKit Project. There under "update packages" I changed the implicit authorization level of an "Active console" to "Administrator Authentication". My intent was to force apper to ask for my root password before downloading and installing updates, so that some other user that doesn't have administrator privileges cannot complete the update. However, updates are still able to be obtained without asking for root password, as if the Actions Policy under system settings was never changed from a simple "yes". See the following thread in the forums to show that other users have experienced the same thing: http://forums.opensuse.org/english/get-technical-help-here/applications/4855... Reproducible: Always Steps to Reproduce: 1. Change policy kit permissions on updates to Administrator Authentication under System Settings 2. Run Apper to find updates 3. Administrator permission (root password) is never asked for as updates are downloaded and installed Actual Results: root password was not asked for, but updates were downloaded and installed Expected Results: because I changed the permissions to Administrator, Apper should have asked for a root password to download and install the updates I believe this affects security, as an administrator could find his computer updated by a regular user. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.