Removing sysutils/polkit dependency from sysutils/libudisks?
Steve Wills
swills at FreeBSD.org
Tue Jan 19 00:39:05 UTC 2021
Hi,
On 1/17/21 3:17 AM, Kurt Jaeger wrote:
> Hi!
>
> Can you tell us the reason behind this opinion ? Is it generally
> buggy, does polkit violate some general design policy for apps etc ?
* There's one part of polkit, pkexec, which is suid and linked to some
libs that really aren't designed to be used in suid binaries.
* It uses spidermonkey to parse javascript policies, but aparently
doesn't use it correctly[1]. It has a number of open issues[2] which
have been open a while, but aren't addressed.
* The project doesn't look terribly active.
* Merge requests which look ready to commit aren't merged[3].
* The default policy gives everyone in wheel root access.
So, to me, the features it provides don't seem worth it. I have removed
it from my local system with some local patches and it seems to work
fine. I haven't missed it at all. Anyway, just my $0.02.
Cheers,
Steve
1: https://gitlab.freedesktop.org/polkit/polkit/-/issues/97
2: https://gitlab.freedesktop.org/polkit/polkit/-/issues
3: https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests
More information about the freebsd-ports
mailing list