http://bugzilla.opensuse.org/show_bug.cgi?id=1089436 Bug ID: 1089436 Summary: AUDIT-0: security audit for the new polkit policy of LightDM Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: sor.alexei@meowr.ru QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- There is a way polkit policy in LightDM 1.26.0 onwards (https://github.com/CanonicalLtd/lightdm/commit/6015bce) for some extra features, but which causes this:
lightdm.x86_64: I: polkit-cant-acquire-privilege org.freedesktop.DisplayManager.AccountsService.ModifyAny (no:no:no) lightdm.x86_64: E: polkit-unauthorized-privilege (Badness: 10000) org.freedesktop.DisplayManager.AccountsService.ModifyOwn (yes:yes:yes) lightdm.x86_64: E: polkit-unauthorized-privilege (Badness: 10000) org.freedesktop.DisplayManager.AccountsService.ReadAny (yes:yes:yes) lightdm.x86_64: E: polkit-untracked-privilege (Badness: 10000) org.freedesktop.DisplayManager.AccountsService.ModifyAny (no:no:no)
So I ask for security audition from the openSUSE Security Team. -- You are receiving this mail because: You are on the CC list for the bug.