Red Hat Bugzilla – Bug 493913
S-c-tools cleanup: port to PolicyKit
Last modified: 2014-01-12 19:08:50 EST
Description of problem:
It's not a good approach to let system config tool runn
under superuser account - it's a security risk. Instead
each tools which needs users privileges should be divided
to two parts - one which serves as privileged backend
running on demand and user interface that can ask for
privileged action over message bus (and ask password if
needed). Once action is approved by PolicyKit, it can be
Every tool should be ported to use PolicyKit.
Steps to Reproduce
System config tool has to be run under superuser account.
System config tool is not runned under superuser account
and asks for privileged access.
Look at https://fedorahosted.org/python-slip/
It is possible that we will port it to use such methods but it is not realistic with current state of application. We are gathering info for mayor rewritting - we will take this suggestion into account