Policykit does use PAM, it's not clear to me what you mean by "work through PAM".
Policykit is a framework that allows an app to query whether a certain user is privileged to perform a certain "action". There is some complexity to the model of whether a particular user is allowed to perform a particular access at one time, but it can all be configured by the system administrator. Most often it is used for privilege escalation to allow users to be able to perform certain tasks as root. In some ways this is similar to setuid root executables, where the privilege is generally based on group membership and permissions: if the user can execute the program then they get root rights for whatever it is doing. Because Ubuntu does not come with a root user by default we use a feature of policykit to declare a certain group as the "admin" group, we use "admin" for that. You can specify to policykit whether you want an action to be available to members of this group, and most tools do this, in particular the "Users and Groups" tool. Because the first user of the system is added to this group they can use their own password to gain these privileges, and so add users etc. Users in this group are also given the ability to sudo to root by default, which is further reaching than the policykit rights. Granted, users in this group also have the rights to edit the policykit policy via policykit, and so can grant themselves access to any parts that are root-only (I'm not sure there are any on Ubuntu, but that's beside the point), but the system administrator can stop this. If you are worried about your systems then you can remove the "admin" group from the policykit config. If it is just concern for Ubuntu that motivates you then that is different. I think having the fine grained control offered by policykit is valuable, and actually gives us a framework to *reduce* the amount of code run as root. I think the admin group is worthwhile for the usability, and perhaps even required with Ubuntu's lack of a root user by default. If your concern is specifically that you were able to do admin things while the root user was locked, or that the users and groups tool allows non-root users to edit the root account then we can discuss that. Thanks, James -- Exploitable to gain root access with non-priveleged user https://bugs.launchpad.net/bugs/358086 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
