On Sat, 2016-10-22 at 21:10 +0200, Alad Wenter wrote: > For the second reason, is "it came from uid 0" a > sure reason for polkit to belive the message when the origin behind > uid > 0 is from a suid binary? Or is that where the first reason on > checking > authentication comes in?
Any unrestricted uid-0 process can do whatever it wants to your system, so yes, it is trusted (in the formal security sense of the word: it is a component that would be able to break your security policy). For it to be correct for the uid-0 binary to send that message, it needs to be reasonably sure that the person at your keyboard is in fact you. It does that by running the PAM authentication stack, which usually means asking you for your password as proof that you are who you claim to be. (The reason for using PAM is that this lets you/your sysadmin configure the system to require more than just a password, or less than a password, whatever is appropriate for your security needs. For instance, there are PAM modules for one-time passwords, fingerprint readers, two-factor authentication and so on, if you want those.) S _______________________________________________ polkit-devel mailing list polkit-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/polkit-devel