On Wed, Feb 16, 2022 at 12:38 PM Lennart Poettering <mzerqung@xxxxxxxxxxx> wrote: > > On Mi, 16.02.22 12:12, Ben Cotton (bcotton@xxxxxxxxxx) wrote: > > > `pkexec` and `pkla-compat` > > ([https://src.fedoraproject.org/rpms/polkit-pkla-compat package]) are > > legacy tools that are no longer needed on a desktop and increase the > > attack surface as they are SetUID binaries (`pkexec`) or not > > maintained anymore (`pkla-compat`). > > I find this wording weird... I seriously doubt we should consider > "pkexec" legacy. It's the much nicer approach to the "sudo" problem, > as mentioned in earlier discussions... > > Splitting it off into a separate package might be OK, but claiming > that the fact that it is a suid binary makes it "legacy" sounds really > strange to me, by that means we should also mark "sudo", "su", "ping", > "mount", "umount", "write", "passwd", … and so on "legacy", but I > doubt we are at that point, are we? > > hence I am not against the feature but please tone down the wording > regarding pkexec, it's misleading. Say you want to split it out to > reduce the attack surface, but don't use the word "legacy" in its > context. > > (dropping "pkla-compat" given its unmaintained state is Ok to be > called "legacy" i guess) > I think I'd go stronger and say I don't really see the value in splitting out pkexec at all. I'd rather people have a default path to do safer privilege escalation, and pkexec is way better than sudo/doas/etc in that regard. -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
