https://bugzilla.suse.com/show_bug.cgi?id=1196890
https://bugzilla.suse.com/show_bug.cgi?id=1196890#c3
--- Comment #3 from Matthias Gerstner ---
From the upstream README is looks like anybody should be allowed to `pkexec`
swhkd as root without entering a password like so:
pkexec swhkd
It is practically like a sudoers rule with NOPASSWD for everybody. It's a bit
of a peculiar way to implement it via a rule file instead of a policy file.
The way it is currently installed will not work, because the name swhkd.rules
will be processed alphabetically *after*
/etc/polkit-1/rules.d/90-default-privs.rules. The latter will deny access. In
my test I renamed it to 00-swhkd.rules then it works as intended.
A closer review of the swhkd program is required to judge whether running this
daemon as root is safe. In any case it would be better to ship a policy file
that only allows local session to do that.
--
You are receiving this mail because:
You are on the CC list for the bug.