Hello Seth, the packagekit-deny rule should not be necessary, it's there to underline what is specifically not allowed.
AFAIK, there are no other rules which could have granted this permission. This happens on a fresh install of Ubuntu where the above is the only modification to polkit rules. I'm on vacation since yesterday evening, so I cannot currently check if the groups have some kind of unexpected effect. See this for reference: https://github.com/hughsie/PackageKit/blob/master/policy/org.freedesktop.packagekit.policy.in The issue is that the command 'pkcon install-local evil-package-i-just- created.deb' triggers the action 'org.freedesktop.packagekit.package- install' instead of 'org.freedesktop.packagekit.package-install- untrusted' which it should. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1882098 Title: Packagekit lets user install untrusted local packages in Bionic and Focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1882098/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
