PolicyKit + KDE

Dario Freddi drf54321 at gmail.com
Thu Sep 3 18:22:34 BST 2009


On Thursday 03 September 2009 18:27:44, Alexander Neundorf wrote:
> On Thursday 03 September 2009, Aaron J. Seigo wrote:
> > On September 2, 2009, John Tapsell wrote:
> > > running "kdesu kill PID".  The PolicyKit 'problem' sorta takes
> > > ksysguard back a step, in that before ksysguard could reliably kill a
> > > root process but now it can't without someone manually copying policy
> > > files around.
> >
> > and takes it a step forward by letting the system (or sys admin) let
> > certain users do so without having access to root or access to other root
> > privileges.
> 
> Isn't that similar to what you can do with /etc/sudorc ?

Not quite

> I don't really see the difference between granting a user the permission to
> execute a process as root (e.g. via sudo) and granting a user the
>  permission to tell some other process (PK ?) which has root permissions to
>  do something, relying on dbus and policykit (two not too tiny software
>  packages) ? Where is the improvement ?

You can configure permissions by action, not by program, and you are not 
strictly required to enter admin password, and you can flexibly retain 
privileges for session or indefinitely (and PS: every bit of KDE relies on 
dbus, and policykit is not really a monster, code and dependency wise)

> Doesn't that mean that when before sudo had to be secure, now dbus and
> policykit have to be secure (probably much more LOC) ?

Policykit is way more secure as the helper will not execute anything (once 
started) if the caller was not explicitly authorized, whereas everyone can 
start a sudo helper and play around. Moreover, starting helpers with sudo can 
be tricky and harder. Polkit saves a lot of code client side, actually. Sudo 
is meant for terminal, polkit for GUI applications. You can dive into KAuth 
code if you want to expand.

> 
> Alex
> 

-- 
-------------------

Dario Freddi
KDE Developer
GPG Key Signature: 511A9A3B
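
Added example (not part of the original message, and not PolicyKit or KAuth code): a small Python model of the two points made in the reply above, authorization granted per action with one-shot, session or indefinite retention, and a helper that refuses to run anything for a caller who holds no grant. The action ids, class names and function names are all hypothetical.

```python
from dataclasses import dataclass, field

# Constructed policy: action id -> how long a successful authentication is kept.
# These action ids are hypothetical, not real PolicyKit actions.
POLICY = {
    "org.example.ksysguard.killprocess": "session",
    "org.example.clock.settime": "always",
    "org.example.disk.format": "one-shot",
}

@dataclass(frozen=True)
class Caller:
    uid: int
    session: str

@dataclass
class Authority:
    grants: set = field(default_factory=set)  # (uid, action, scope) tuples

    def _scopes(self, caller):
        return {"session": ("session", caller.session),
                "always": ("always", None),
                "one-shot": ("once", None)}

    def authenticate(self, caller, action):
        """Record a grant after the caller authenticated for this one action."""
        keep = POLICY[action]  # unknown actions raise KeyError: nothing to grant
        self.grants.add((caller.uid, action, self._scopes(caller)[keep]))

    def check(self, caller, action):
        """True only if this caller holds a grant for exactly this action."""
        for scope in self._scopes(caller).values():
            grant = (caller.uid, action, scope)
            if grant in self.grants:
                if scope[0] == "once":
                    self.grants.discard(grant)  # consumed on first use
                return True
        return False  # default deny

def helper_run(authority, caller, action, operation):
    """Privileged helper: does nothing unless the caller is authorized for the action."""
    if action not in POLICY or not authority.check(caller, action):
        return "denied"
    return operation()
```

A grant for one action does not carry over to any other action, which is the contrast with authorizing a whole program to run as root.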


More information about the kde-core-devel mailing list