Open thican opened 7 months ago
Setting hidepid globally is not a "modern privilege workflow", it's security theater that doesn't provide any real value, and will break a great deal of things. Just don't use it, and instead use service sandboxing.
Thanks for your feedback.
While it might have no real security value, nothing else has been broken in the 6-7 years I have used it, both on server and on desktop environments, and its privacy feature is effective.
At least pkexec should not put any other process in a suspended state (not 100% sure if it's pkexec or the desktop environment's policykit helper), which is the original point of this report.
Source report: https://bugs.gentoo.org/924621
I discovered that using pkexec outside a terminal will freeze most (if not all) graphical processes, as shown by htop with the "T" state (which means traced or suspended (e.g. by SIGTSTP)) when /proc is mounted with hidepid=2 or hidepid=1.
It happened when I used OBS Studio to create a virtual webcam, which tries to load the kernel module v4l2loopback through a pkexec call.
In normal context, with the MATE desktop environment, a window will pop up asking for the root password.
However, when hidepid is enabled, /usr/libexec/polkit-mate-authentication-agent-1 will issue a warning when opening the session (stored in file ~/.materc-errors), such as:
(see GH-80 and GH-121)
I recently added the patch GH-423 on top of release 124, same issue.
To reproduce:
hidepid=2 (or =1) option for /proc (mount -o remount,hidepid=2 /proc);
pkexec modprobe v4l2loopback video_nr=10,11 card_label="Dummy video device","Second video device";
To leave this broken state, I have to send the signal SIGHUP to the process xinit, which closes my whole session.
My objective is to set up a working environment with a "modern" privileges workflow while keeping the hidepid=2 feature of /proc to ensure privacy and security.
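A diagnostic sketch for the symptom reported above, added here as an example and not part of the original thread or of polkit: it reads the hidepid option of the /proc mount and lists processes in the "T" state. The function names and the `--report` switch are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not code from the report or from polkit.

# Print the hidepid= value of the /proc mount found in a mounts-format file
# (default /proc/self/mounts); "off" if the option is absent.
proc_hidepid() {
    awk '$3 == "proc" && $2 == "/proc" {
             val = "off"
             n = split($4, opts, ",")
             for (i = 1; i <= n; i++)
                 if (opts[i] ~ /^hidepid=/) val = substr(opts[i], 9)
             print val; found = 1; exit
         }
         END { if (!found) print "unmounted" }' "${1:-/proc/self/mounts}"
}

# Print "PID COMM" for each process in state T under a proc-like directory
# (default /proc). Every field after the state in stat is an integer, so
# requiring a numeric tail keeps a command name that itself contains ") T "
# from being mistaken for the real state field.
stopped_procs() {
    for stat in "${1:-/proc}"/[0-9]*/stat; do
        [ -r "$stat" ] || continue
        sed -n 's/^\([0-9][0-9]*\) (\(.*\)) T [-0-9 ]*$/\1 \2/p' "$stat"
    done
}

# Run with --report inside the affected graphical session.
if [ "${1:-}" = "--report" ]; then
    echo "hidepid on /proc: $(proc_hidepid)"
    echo "processes in state T:"
    stopped_procs
fi
```

Comparing the output before and after the pkexec call shows which of the user's own processes were stopped; with hidepid set, an unprivileged user only sees their own processes in this listing.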