Anne Wilson wrote:
> Doesn't launching hp-setup from a root terminal work?
It won't, PolicyKit is set up to deny access to root by default.
Hint: put this snippet of XML into /etc/PolicyKit/PolicyKit.conf:
<config version="0.1">
<match user="root">
<return result="yes"/>
</match>
</config>
and PolicyKit will blanket-approve any permissions requested by root
(instead of blanket-denying them as it does by default).
(Making it actually prompt you for the password if you're root requires
patching the code, blanket approval interestingly doesn't because it
bypasses the anti-root check in the authentication logic entirely.)
Yes, that WILL decrease protection against malware to some extent. But if
you have malware running as root, you have a bigger problem already. ;-)
(And they can really do anything just bypassing the PolicyKit-based
frameworks entirely, at least if you have SELinux disabled.)
Kevin Kofler
