Don't start the daemon as root

polkit-org / polkit

polkit (formerly PolicyKit) is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes.

Other

65 stars 31 forks source link

Don't start the daemon as root #28

Open polkit-github-migration-bot opened 11 years ago

polkit-github-migration-bot commented 11 years ago

In gitlab.freedesktop.org by bugzilla-migration on Feb 22, 2013, 15:54

Link to the original issue: https://gitlab.freedesktop.org/polkit/polkit/-/issues/27

Submitted by Miloslav Trmac

Assigned to David Zeuthen @david

Link to original bug (#61283)

Description

Currently, polkitd is started as root (configured to do so both by the systemd service file and by the D-Bus activation config file), and then drops privileges, AFAICS without doing anything that requires the root privileges.

It would be simpler and easier to understand if the config just specified the polkitd user.

polkit-github-migration-bot commented 11 years ago

In gitlab.freedesktop.org by bugzilla-migration on Mar 13, 2013, 20:08

:speech_balloon: Colin Walters @walters said:

Um...submit a patch?

polkit-github-migration-bot commented 11 years ago

In gitlab.freedesktop.org by bugzilla-migration on Mar 15, 2013, 16:28

:speech_balloon: David Zeuthen @david said:

One important thing is that it needs to be easy to run polkitd from a root shell (for development, debugging etc.). So you'll need to keep the parts that drops privileges anyway and because of this, this proposed simplification could actually turn out to work against us. So maybe it's just not worth it.

polkit-github-migration-bot commented 11 years ago

In gitlab.freedesktop.org by bugzilla-migration on Apr 11, 2013, 18:49

:speech_balloon: Colin Walters @walters said:

(In reply to comment 2) One important thing is that it needs to be easy to run polkitd from a root shell (for development, debugging etc.). So you'll need to keep the parts that drops privileges anyway and because of this, this proposed simplification could actually turn out to work against us. So maybe it's just not worth it.

If it's for development, would it really matter if it ran as root? Also, do you really need to start it directly from a root shell? Why not add e.g. Environment=G_MESSAGES_DEBUG=all to the systemd unit file and do "systemctl restart polkit"?

polkit-github-migration-bot commented 10 years ago

In gitlab.freedesktop.org by bugzilla-migration on Sep 7, 2014, 14:14

:speech_balloon: Laurent Bigonville said:

I guess this is fixed in 0.112? The daemon is now dropping to the polkitd user by default

polkit-github-migration-bot commented 6 years ago

In gitlab.freedesktop.org by bugzilla-migration on Mar 29, 2018, 16:44

:speech_balloon: Ray Strode @halfline said:

no, not fixed yet. The point is the service file should have User=polkitd in it and main() shouldn't have become_user (POLKITD_USER, &error) in it.