https://bugzilla.suse.com/show_bug.cgi?id=1232231 Bug ID: 1232231 Summary: AUDIT-0: mousepad: New PolKit rules added Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: manfred.h@gmx.net QA Contact: qa-bugs@suse.de Target Milestone: --- Found By: --- Blocker: --- Created attachment 878180 --> https://bugzilla.suse.com/attachment.cgi?id=878180&action=edit Full build log mousepad update 0.6.3 has added polkit rules [ 31s] RPMLINT report: [ 31s] =============== [ 32s] ============================ rpmlint session starts ============================ [ 32s] rpmlint: 2.6.1 [ 32s] mousepad.x86_64: E: polkit-untracked-privilege (Badness: 10) org.xfce.mousepad (no:auth_admin:auth_admin) [ 32s] The polkit action is not listed in the polkit-default-privs profiles which [ 32s] makes it harder for admins to find. Furthermore improper polkit authorization [ 32s] checks can easily introduce security issues. If the package is intended for [ 32s] inclusion in any SUSE product please open a bug report to request review of [ 32s] the package by the security team. Please refer to [ 32s] https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for [ 32s] more information. OBS repo: https://build.opensuse.org/package/show/X11:xfce/mousepad -- You are receiving this mail because: You are on the CC list for the bug.