http://bugzilla.suse.com/show_bug.cgi?id=967436 Bug ID: 967436 Summary: need review for brltty polkit action Classification: openSUSE Product: openSUSE Tumbleweed Version: 2015* Hardware: All OS: Linux Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: mgorse@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Brltty has an API that allows applications such as orca to communicate with it to write to a refreshable Braille display. This should be allowed for a user logged in locally but probably not for a remote user. The current default authentication method is to require the user to be able to read /etc/brlapi.key, requiring the user to be added to the brlapi group. I have added support for authentication via polkit. This allows a local user to authenticate without needing to be added to a special group first. The patch is upstream but not in a release yet. I have a version of brltty with the polkit patch applied in home:mgorse:branches:hardware on OBS, but it adds a new polkit action, so I need a review from security. -- You are receiving this mail because: You are on the CC list for the bug.