Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 11 Jul 2019 17:27:19 +0200
From: Martin Steigerwald <martin@...htvoll.de>
To: oss-security@...ts.openwall.com
Subject: Re: Privileged File Access from Desktop Applications

Malte Kraus - 09.07.19, 15:58:
> None of the solutions actually provided the user with the accessed
> path or file operation in the polkit auth prompt. Users are
> confronted with an unspecific request for privileges that they can
> only allow or deny without knowing what exactly they are allowing.
> (This is unfortunately a common theme, e.g. on KDE the framework is
> still missing support for parameterizing polkit prompts.)

For me this looks like KDE developers address this now – at least 
partly:

[KAuth] Add support for action details in Polkit1 backend.
https://phabricator.kde.org/D21795

Thanks,
-- 
Martin
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.