[clug] KDE polkit lunacy

Michael James clug3 at james.st
Sun Feb 5 21:07:23 MST 2012


Just installed openSUSE 12.1

Happily bopping along when a window from polkit
 pops up demanding I type the root password.
The window _says_ it's so it can check the screen brightness.
  - I tell it to go away, it comes back.
  - I demand details and kill all guilty PIDs, it comes back.
  - I google the error message and attempt to change the policy,
	it won't let me, the window disappears and comes back.
  - I look in Software Management and attempt to delete the guilty package,
	it has 307 dependencies including my KDE desktop.
  - I type the root password, the window comes back.

This is lunacy? Isn't it? Reassure me.

I understand the motivation, a desktop user wants to
 burn CDs, mount USB drives, join WiFi networks, etc.
The old way of controlling it through file group permissions
 is getting tedious. We need a policy framework.

But polkit gives us authorisation windows popping up,
 demanding root password, _independent_ of activity. 
Before, I used root privilege only when patching, or installing.

This is setting ourselves up for social engineering attacks!

E.g.: Joe average user is trying to live his life on a Linux desktop,
 like we have always said he should, "Just switch and
 escape the threat of viruses and drive-by nasties".
Suppose Joe is browsing an unsavoury corner of the internet,
 looking for jpegs, or mpegs, or hacks, or whatever.
A window pops up asking for the root password.
It looks like the one that's been pestering him for hours.

How, in the hands of Joe, is this any better than running as root?

Anyone know a desktop that will operate without polkit?

michaelj

PS: There is a discussion on KDE where 1 lone voice
 argues the lunacy of allowing low level daemons
 to pop up authorisation windows.
The bug gets marked as a duplicate
 and debate moves on to a workaround
 to suppress this one error message.

PPS:  I also try to query systemctl
 to see if I can shut down the offending daemon.
Like ps it tries to fit too much on a line and truncates.
Unlike ps it truncates the first critical element.
Unlike ps I can't find a way to stop it.
Annoyingly it seems to have an implied   | less
 but it doesn't relent even for   systemctl list-units | cat -
It demands you know the truncated unit's name letter perfect
 including whether it is a  .service or .mount.
So tough for any old Linux hands who thought
root> systemctl list-units  |  grep -i polkit
 would give up any secrets.
Arrrgh

