On Wed, 2010-03-24 at 21:09 -0400, Matthias Clasen wrote: > Of course, one answer is to contain your service using selinux policy, > but thats a rather big hammer, and not everybody is in the position to > just walk over to Dan Walsh's desk to have that sorted out....
Yeah, selinux is not an option. In my mind selinux is "I have a really big codebase that I need to more-or-less sandbox". PK helpers should be as small as possible, so they are in principle easy to make secure. Federico _______________________________________________ polkit-devel mailing list polkit-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/polkit-devel
