[Pkg-utopia-maintainers] Bug#809572: Bug#809572: policykit-1: nm-connection-editor cannot edit or delete connections

[Michael Biebl]

Am 01.01.2016 um 18:33 schrieb Nils Dagsson Moskopp:
> Michael Biebl <biebl at debian.org> writes:

> I understand. What exactly is the security hole and how broad is its
> scope? Can someone outside my computer now see the network password?
> 

It means, someone logged in via SSH could control the network
connection, i.e. a session which is not considered local and active.
This is not a policy which is usable for a general purpose distro like
Debian. That's why I don't consider the patch acceptable.

> “loginctl” run as user “erlehmann” outputs:
> 
> --- ✂ ---
>    SESSION        UID USER             SEAT            
>         c1        107 lightdm          seat0           
>          1       1000 erlehmann        seat0           
> 
> 2 sessions listed.
> --- ✂ ---

What does

$ loginctl show-session $XDG_SESSION_ID

say?

> I have no idea what “a polkit agent” means. “pgrep -a polkit” outputs:
> 
> --- ✂ ---
> 2350 /usr/lib/policykit-1/polkitd --no-debug
> --- ✂ ---

That looks like you might not have a polkit agent running in your user
session.

GNOME-Shell and KDE (Plasma) have a builtin polkit agent. For minimal
environments like you use, you might have to use something like
policykit-1-gnome.

You should then have a
/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1 process
running.

Regards,
Michael


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20160101/2deb59a3/attachment-0001.sig>