- Aug 11, 2019
-
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
reportbug doesn't currently seem to interpret "Depends: default-logind | logind" as implying that it should include the version number of the package that Provides logind in bug reports. Workaround for #934472.
-
Simon McVittie authored
The systemd unit is only for on-demand D-Bus activation, and is not intended to be started during boot, so an [Install] section and a parallel LSB init script are not necessary.
-
Simon McVittie authored
-
Closes: #923240
-
- May 01, 2019
-
-
Simon McVittie authored
-
Simon McVittie authored
Remove the consolekit [!linux-any] dependency. polkit no longer has any backends for non-Linux. Closes: #918446
-
Simon McVittie authored
-
- Apr 29, 2019
-
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
Update to upstream version '0.116' with Debian dir eaaf329b7d2c68a20ed5fb4aaa2a8e507ddf7d70
-
Simon McVittie authored
-
- Apr 26, 2019
- Apr 25, 2019
- Apr 02, 2019
-
-
Jan Rybar authored
Js encode string to utf8 See merge request polkit/polkit!29
-
Jan Rybar authored
When strings handled by the jsbackendauthority contain non-ASCII, the code will fail. For example, on a system having a user with a non-ASCII name, the following message will appear when a USB stick is plugged in. mar 04 21:47:31 mimmi polkitd[17163]: Error evaluating authorization rules The user will not be allowed to do the mount. The problem is that strings were variously encoded back to C strings with JS_EncodeString and JS_EncodeStringToUTF8. According to the documentation (https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/JSAPI_reference/JS_EncodeString#Description) the former will simply drop the high byte from each character. If that happens to a username, it will no longer be found as a valid user name on the system. Explicitly encoding to UTF-8 will at least work in UTF-8 locales, which is the increasingly dominant encoding.
-
- Mar 26, 2019
- Mar 15, 2019
-
-
Jan Rybar authored
pkttyagent: PolkitAgentTextListener leaves echo tty disabled if SIGINT/SIGTERM See merge request polkit/polkit!24
-
Jan Rybar authored
If no password is typed into terminal during authentication raised by PolkitAgentTextListener, pkttyagent sends kill (it receives from systemctl/hostnamectl e.g.) without chance to restore echoing back on. This cannot be done in on_request() since it's run in a thread without guarantee the signal is distributed there.
-
- Mar 14, 2019
-
-
Ray Strode authored
Port JavaScript authority to mozjs-60 See merge request polkit/polkit!4
-
- Mar 12, 2019
-
-
API changes in mozjs that need to be reflected in the JS authority: - the JS::CompileOptions constructor and the JS::CompartmentOptions do not allow setting a JS version any more - do not use NULL comparisons for C++ objects - the resize() method for a vector has a return value that needs to be handled - JSClassOps has different fields
-
This is the new ESR version of the Mozilla JS engine, superceding mozjs-52.
-
- Feb 05, 2019
-
-
Jan Rybar authored
Allow uid of -1 for a PolkitUnixProcess See merge request polkit/polkit!17
-
Phaedrus Leeds authored
Commit 2cb40c4d changed PolkitUnixUser, PolkitUnixGroup, and PolkitUnixProcess to allow negative values for their uid/gid properties, since these are values above INT_MAX which wrap around but are still valid, with the exception of -1 which is not valid. However, PolkitUnixProcess allows a uid of -1 to be passed to polkit_unix_process_new_for_owner() which means polkit is expected to figure out the uid on its own (this happens in the _constructed function). So this commit removes the check in polkit_unix_process_set_property() so that new_for_owner() can be used as documented without producing a critical error message. This does not affect the protection against CVE-2018-19788 which is based on creating a user with a UID up to but not including 4294967295 (-1).
-
- Jan 08, 2019
-
-
Colin Walters authored
backend: Compare PolkitUnixProcess uids for temporary authorizations Closes #75 See merge request polkit/polkit!19
-
Colin Walters authored
It turns out that the combination of `(pid, start time)` is not enough to be unique. For temporary authorizations, we can avoid separate users racing on pid reuse by simply comparing the uid. https://bugs.chromium.org/p/project-zero/issues/detail?id=1692 And the above original email report is included in full in a new comment. Reported-by: Jann Horn <jannh@google.com> Closes: https://gitlab.freedesktop.org/polkit/polkit/issues/75
-
- Dec 07, 2018
-
-
Michael Biebl authored
-
Michael Biebl authored
Fixes a vulnerability in PolicyKit that allows a user with a uid greater than INT_MAX to successfully execute arbitrary polkit actions. CVE-2018-19788 Closes: #915332
-
- Dec 06, 2018
-
-
Jan Rybar authored
High uid fixup CVE-2018-19788 Closes #74 See merge request polkit/polkit!14
-
- Dec 04, 2018
-
-
Zbigniew Jędrzejewski-Szmek authored
-
Zbigniew Jędrzejewski-Szmek authored
(uid_t) -1 is still used as placeholder to mean "unset". This is OK, since there should be no users with such number, see https://systemd.io/UIDS-GIDS#special-linux-uids. (uid_t) -1 is used as the default value in class initialization. When a user or group above INT32_MAX is created, the numeric uid or gid wraps around to negative when the value is assigned to gint, and polkit gets confused. Let's accept such gids, except for -1. A nicer fix would be to change the underlying type to e.g. uint32 to not have negative values. But this cannot be done without breaking the API, so likely new functions will have to be added (a polkit_unix_user_new variant that takes a unsigned, and the same for _group_new, _set_uid, _get_uid, _set_gid, _get_gid, etc.). This will require a bigger patch. Fixes https://gitlab.freedesktop.org/polkit/polkit/issues/74.
-