Hello Seth,
I can now confirm that it does not matter if the test users are in no
groups.
The issue persists.
Lines 49 to 56 in the link I provided earlier describe the package-
install-untrusted action which should be triggered when installing local
packages:
<action id="org.freedesktop.packagekit.package-install-untrusted">
<!-- SECURITY:
- Normal users require admin authentication to install untrusted or
unrecognised packages, as allowing users to do this without a
password would be a massive security hole.
- This is not retained as each package should be authenticated.
-->
<description>Install untrusted local file</description>
AFAIK this works as intended with other than aptcc backends, eg in Red Hat.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1882098
Title:
Packagekit lets user install untrusted local packages in Bionic and
Focal
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1882098/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
