Hi,
On Fri, 2018-02-23 at 16:31 +0100, Matthias Gerstner wrote:
Hello,
the SUSE security team recently decided to turn the rpmlint check "polkit-untracked-privilege" into an error. Currently this is only an informational message. If you get messages like these in your package:
gvfs-backends.x86_64: I: polkit-untracked-privilege org.gtk.vfs.file-operations (no:no:auth_admin_keep)
then they will become an error with 10.000 extra badness in the future, as is the case with other polkit related errors. This affects all packages in openSUSE:Factory.
Looking forward to the errors in Staging, which will all need to get fixed before that check becomes an error in Factory.
The rationale behind that is that even though these polkit rules seem harmless (only locally logged in users with admin privileges can acquire the polkit privilege), they can expose security issues. This is because the correct enforcement of the polkit policy is depending on the individual package's polkit adaption.
Therefore such packages must go through a review process with the security team. You can trigger this process by opening a bug against security-team@suse.de and adding an AUDIT prefix to the bug summary. For more about this please refer to this wiki page:
So far the argument was that calling any such thing is at the same risk level as running any random binary using sudo. Which means every binary.
https://en.opensuse.org/openSUSE:Package_security_guidelines
We don't expect many packages to be affected by this. If you have any questions please reach out to us.
Sadly, this is a brp warning, not an rpmlint warning - otherwise we'd have at least some upfront information about it. At this time, it's a "let's get surprised how much will break" - not exactly my most favorite thing.
I'll see to get some information extracted from the 12k build logs of Factory - then we should have some better information about how many packages will be affected by this.
cheers
Dominique
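One way to tally affected packages from build logs, using the message format quoted in the mail (an added example, not code from this thread or from openSUSE tooling). The "[ 101s]" timestamp prefix, the example-daemon lines, and reading the three parenthesised fields as polkit's any:inactive:active settings are assumptions that the mail itself does not state.

```python
import re
from collections import defaultdict

# Message format as quoted in the mail:
#   <package>.<arch>: <level>: polkit-untracked-privilege <action> (<any>:<inactive>:<active>)
# The optional "[  12s] " prefix is an assumption about build-log timestamps.
MESSAGE_RE = re.compile(
    r"^(?:\[\s*\d+s\]\s+)?"
    r"(?P<package>\S+)\.(?P<arch>[^.\s:]+):\s+"
    r"(?P<level>[IWE]):\s+polkit-untracked-privilege\s+"
    r"(?P<action>\S+)\s+"
    r"\((?P<any>[^:()\s]+):(?P<inactive>[^:()\s]+):(?P<active>[^:()\s]+)\)\s*$"
)


def untracked_privileges(lines):
    """Map package name -> sorted list of (action, any, inactive, active).

    Messages repeated for several architectures or log lines are counted once.
    """
    found = defaultdict(set)
    for line in lines:
        m = MESSAGE_RE.match(line.strip())
        if m:
            found[m["package"]].add(
                (m["action"], m["any"], m["inactive"], m["active"])
            )
    return {pkg: sorted(entries) for pkg, entries in sorted(found.items())}


# Constructed sample input; only the gvfs-backends message comes from the mail.
SAMPLE_LOG = """\
[  101s] gvfs-backends.x86_64: I: polkit-untracked-privilege org.gtk.vfs.file-operations (no:no:auth_admin_keep)
[  101s] gvfs-backends.x86_64: W: some-unrelated-check /usr/bin/placeholder
gvfs-backends.i586: I: polkit-untracked-privilege org.gtk.vfs.file-operations (no:no:auth_admin_keep)
example-daemon.noarch: I: polkit-untracked-privilege org.example.daemon.configure (no:no:auth_admin)
example-daemon.noarch: I: polkit-untracked-privilege org.example.daemon.status (yes:yes:yes)
""".splitlines()

if __name__ == "__main__":
    for pkg, entries in untracked_privileges(SAMPLE_LOG).items():
        print(f"{pkg}: {len(entries)} untracked action(s)")
        for action, any_, inactive, active in entries:
            print(f"  {action} any={any_} inactive={inactive} active={active}")
```

The per-package list of actions and settings is what a package maintainer would attach to the AUDIT bug described in the mail.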