dbus policy doesn't allow OpenSessionWithParameters

Bug #534514 reported by Michael Terry
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ConsoleKit
Invalid
Medium
consolekit (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: consolekit

The dbus policy file that allows all the dbus API calls does not include OpenSessionWithParameters (even though it includes OpenSession and all the other calls).

It seems like just an oversight. I reported it upstream (bug linked) and am attaching a debdiff for lucid.

Tags: oem-services
Revision history for this message
In , Michael Terry (mterry) wrote :

Created an attachment (id=33864)
Trivial fix

Here's the trivial patch from downstream bug https://bugs.launchpad.net/consolekit/+bug/534514

Revision history for this message
In , Martin Pitt (pitti) wrote :

This is a dangerous function for normal users, since they can elevate their privileges with that. Only root processes (like gdm) should call this function. Not allowing it for normal users is deliberate.

Revision history for this message
Michael Terry (mterry) wrote :

Binary package hint: consolekit

The dbus policy file that allows all the dbus API calls does not include OpenSessionWithParameters (even though it includes OpenSession and all the other calls).

It seems like just an oversight. I reported it upstream (bug linked) and am attaching a debdiff for lucid.

Revision history for this message
Michael Terry (mterry) wrote :
Changed in consolekit (Ubuntu):
assignee: nobody → Canonical Desktop Team (canonical-desktop-team)
Revision history for this message
Martin Pitt (pitti) wrote :

This is a dangerous function for normal users, since they can elevate their privileges with that. Only root processes (like gdm) should call this function. Not allowing it for normal users is deliberate.

Changed in consolekit (Ubuntu):
assignee: Canonical Desktop Team (canonical-desktop-team) → nobody
status: New → Invalid
Changed in consolekit:
status: Unknown → Confirmed
Changed in consolekit:
status: Confirmed → Invalid
Changed in consolekit:
importance: Unknown → Medium
Changed in consolekit:
importance: Medium → Unknown
Changed in consolekit:
importance: Unknown → Medium
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.