On 7 May 2010 05:36, David Zeuthen <zeut...@gmail.com> wrote: > On Fri, May 7, 2010 at 4:34 AM, Baybal Ni <nikuli...@gmail.com> wrote: >> Yes, if it's security matter at least make it working without suid root >> first, like use pam instead. This policykit is hardly a security framework. > > Can you elaborate on the last statement please? > > David >
Just for its extensive use of such a suboptimal thing as suid it can be banished from some distros which accents on security. Secondly, a hack to pk client means that pk will issue whatever permissions set by user of defaults without further checks. And, thirdly a simplest hack will be launching a fake dbus, and exploiting it for whatever reason. PK utilises pam, and thus should be able to do things is a somehow more safe way, while it's not utilising even a glimpse of its features. _______________________________________________ devkit-devel mailing list devkit-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/devkit-devel