Closed vmihalko closed 9 months ago
In GitLab by @jrybar on Jun 30, 2023, 13:03
Anyone please feel free to comment this. I will not be able to attend to it for upcoming two weeks.
In GitLab by @bluca on Jun 30, 2023, 13:10
Commented on data/polkit.service.in line 1
This is adding patch headers to the file directly? Copy/paste mistake?
In GitLab by @bluca on Jun 30, 2023, 13:11
Commented on data/polkit.service.in line 34
typo: separation
In GitLab by @bluca on Jun 30, 2023, 13:11
Commented on data/polkit.service.in line 13
build time template for the dir is lost
In GitLab by @bluca on Jun 30, 2023, 13:13
Commented on data/polkit.service.in line 73
why are these capabilities being added?
In GitLab by @bluca on Jun 30, 2023, 13:14
Commented on data/polkit.service.in line 109
why are all these system calls being allow-listed?
In GitLab by @kjain7 on Jun 30, 2023, 13:34
Commented on data/polkit.service.in line 1
Hi, yes I believe that it was just a copy and paste mistake on Jan's part
In GitLab by @kjain7 on Jun 30, 2023, 13:35
Commented on data/polkit.service.in line 13
Will fix this
In GitLab by @kjain7 on Jun 30, 2023, 13:38
Commented on data/polkit.service.in line 73
That was something we were considering downstream for Flatcar, it should indeed be removed here
In GitLab by @kjain7 on Jun 30, 2023, 13:38
Commented on data/polkit.service.in line 109
Will review and send in a new diff. Thanks
In GitLab by @jrybar on Jun 30, 2023, 14:57
@kjain7, if you have an account here and access to make comments, why didn't you make the MR yourself?
Please make any further changes here or create your own MR which you can edit comfortably. I won't be able to direct your mails from my mailbox to the repo in the upcoming weeks (or at least send them to the official polkit ML [asap, so that I can allow the sender])
Thanks.
Jan
In GitLab by @kjain7 on Jun 30, 2023, 15:08
I just got access recently after opening an issue with freedesktop. I'll make a PR
In GitLab by @jrybar on Jun 30, 2023, 13:01
_Merges kjain_morehardening -> master
Summary
(jrybar) On behalf of Krish Jain:
"This would help reduce exposure, as indicated by the security analysis performed by s ystemd-analyze. I have reorganized the options while ensuring that every option from the original list is still included. My intention was to improve the structure of the options and enhance readability by adding comments."