Hi, I study permissions problem on 11.1 in language module. I found (with mvidner help) root of problem in yast dbus backend call from yast-webservice. I check in webservice if user has rights (in this case root) and then I call to dbus. Problem is that dbus backend check not again root but again caller which is yastws user. So first solution which work is grant yastws all rights in rpm post-script as we do for root. But I think that this is quite big security issue as this mean that anyone who crack into webservice has all rights because he can act as yastws user with all rights to yast backend. This should be somehow solved. MVidner have idea that we could run backend as logged user instead yastws. This has problem that we must somehow handle sending passwords and also multiuser process (another user need maybe another port). My idea is use ssh with keys authentication and execute dbus call via this ssh, so then we can act as logged user and not as yastws. Any other ideas or comments? thanks JR -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org For additional commands, e-mail: yast-devel+help@opensuse.org