From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RrqJM-0003DJ-9c for garchives@archives.gentoo.org; Mon, 30 Jan 2012 12:26:16 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id C36C7E0903; Mon, 30 Jan 2012 12:26:06 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id A0948E08E8 for ; Mon, 30 Jan 2012 12:25:20 +0000 (UTC) Received: from [10.12.187.31] (193-64-22-26-nat.elisa-mobile.fi [193.64.22.26]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: ssuominen) by smtp.gentoo.org (Postfix) with ESMTPSA id B45021B4008 for ; Mon, 30 Jan 2012 12:25:19 +0000 (UTC) Message-ID: <4F268B92.7010409@gentoo.org> Date: Mon, 30 Jan 2012 14:22:42 +0200 From: Samuli Suominen User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:9.0) Gecko/20120114 Thunderbird/9.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org Subject: [gentoo-dev] rfc: news item for changed polkit default group Content-Type: multipart/mixed; boundary="------------090307020406050803090504" X-Archives-Salt: 6c545d16-03b5-4a95-8796-35c288a4749e X-Archives-Hash: 69ca0667524db94aaea91052c8785f1e This is a multi-part message in MIME format. --------------090307020406050803090504 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit was asked about this at IRC today, so I suppose we should convey this information better to users --------------090307020406050803090504 Content-Type: text/plain; name="2012-01-30-polkit-default-AdminIdentities-is-group-wheel.en.txt" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename*0="2012-01-30-polkit-default-AdminIdentities-is-group-wheel.en."; filename*1="txt" Title: Default value of AdminIdentities changed to group wheel in PolicyKit Author: Samuli Suominen Content-Type: text/plain Posted: 2012-01-30 Revision: 1 News-Item-Format: 1.0 Display-If-Installed: sys-auth/polkit The default value of AdminIdentities changed to group wheel by upstream since version 0.103. This means users in group wheel are allowed to execute commands like "pkexec bash" to gain root shell. You can change the default value at: # $EDITOR /etc/polkit-1/localauthority.conf.d/50-localauthority.conf --------------090307020406050803090504--