the packagekit-deny rule should not be necessary, it's there to underline what is specifically not allowed.
AFAIK, there are no other rules which could have granted this permission. This happens on a fresh install of Ubuntu where the above is the only modification to polkit rules.
I'm on vacation since yesterday evening, so I cannot currently check if the groups have some kind of unexpected effect.
The issue is that the command 'pkcon install-local evil-package-i-just-created.deb' triggers the action 'org.freedesktop.packagekit.package-install' instead of 'org.freedesktop.packagekit.package-install-untrusted' which it should.
Hello Seth,
the packagekit-deny rule should not be necessary, it's there to underline what is specifically not allowed.
AFAIK, there are no other rules which could have granted this permission. This happens on a fresh install of Ubuntu where the above is the only modification to polkit rules.
I'm on vacation since yesterday evening, so I cannot currently check if the groups have some kind of unexpected effect.
See this for reference: /github. com/hughsie/ PackageKit/ blob/master/ policy/ org.freedesktop .packagekit. policy. in
https:/
The issue is that the command 'pkcon install-local evil-package- i-just- created. deb' triggers the action 'org.freedeskto p.packagekit. package- install' instead of 'org.freedeskto p.packagekit. package- install- untrusted' which it should.