http://bugzilla.suse.com/show_bug.cgi?id=1143147
http://bugzilla.suse.com/show_bug.cgi?id=1143147#c5
Matthias Gerstner changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |IN_PROGRESS
Assignee|security-team@suse.de |matthias.gerstner@suse.com
--- Comment #5 from Matthias Gerstner ---
So calamares uses the policy only to start the graphical application via
pkexec as root. This is an option that can be entered in the calamares.desktop
file. In my test build it still uses xdg-su, however.
The pkexec action is not used programatically in the source code. Running the
installer as root gives a lot of power, of course, which is in the nature of a
distribution installer. Using it wrongly can break things fast but this is
within the responsibility of the user.
The default setting of allowing this only with admin password for active users
is sane.
I will whitelist the policy and submit it to Factory.
--
You are receiving this mail because:
You are on the CC list for the bug.