diff options
| author | Matthias Clasen <mclasen@redhat.com> | 2018-11-02 18:36:33 -0400 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-11-06 11:38:13 +0000 |
| commit | cac91675584bb6bc953077b4103568731b1ab2f8 (patch) | |
| tree | 67ac4a8c7501560f4eb70660da76f598c7a25a12 | |
| parent | a22dfbd7c16c4a752e210268fc120c24e0cf1eef (diff) | |
| download | flatpak-cac91675584bb6bc953077b4103568731b1ab2f8.tar.gz | |
Correct polkit policy comments
Make the security comments for our polkit rules match
the actual defaults.
Closes: #2287
Approved by: matthiasclasen
| -rw-r--r-- | system-helper/org.freedesktop.Flatpak.policy.in | 34 |
1 files changed, 25 insertions, 9 deletions
diff --git a/system-helper/org.freedesktop.Flatpak.policy.in b/system-helper/org.freedesktop.Flatpak.policy.in index 12152533..6e93b422 100644 --- a/system-helper/org.freedesktop.Flatpak.policy.in +++ b/system-helper/org.freedesktop.Flatpak.policy.in @@ -15,10 +15,8 @@ <action id="org.freedesktop.Flatpak.app-install"> <!-- SECURITY: - - Normal users do not need authentication to install signed applications - from signed repositories, as this cannot exploit a system. - - Paranoid users (or parents!) can change this to 'auth_admin' or - 'auth_admin_keep'. + - Normal users need admin authentication to install software + system-wide. --> <description>Install signed application</description> <message>Authentication is required to install software</message> @@ -32,11 +30,9 @@ <action id="org.freedesktop.Flatpak.runtime-install"> <!-- SECURITY: - - Normal users do not need authentication to install signed applications - from signed repositories, as this cannot exploit a system. - - Paranoid users (or parents!) can change this to 'auth_admin' or - 'auth_admin_keep'. - --> + - Normal users need admin authentication to install software + system-wide. + --> <description>Install signed runtime</description> <message>Authentication is required to install software</message> <icon_name>package-x-generic</icon_name> @@ -114,6 +110,10 @@ </action> <action id="org.freedesktop.Flatpak.install-bundle"> + <!-- SECURITY: + - Normal users need admin authentication to install software + system-wide. + --> <description>Install bundle</description> <message>Authentication is required to install software</message> <icon_name>package-x-generic</icon_name> @@ -125,6 +125,10 @@ </action> <action id="org.freedesktop.Flatpak.runtime-uninstall"> + <!-- SECURITY: + - Normal users need admin authentication to uninstall software + system-wide. + --> <description>Uninstall runtime</description> <message>Authentication is required to uninstall software</message> <icon_name>package-x-generic</icon_name> @@ -136,6 +140,10 @@ </action> <action id="org.freedesktop.Flatpak.app-uninstall"> + <!-- SECURITY: + - Normal users need admin authentication to uninstall software + system-wide. + --> <description>Uninstall app</description> <message>Authentication is required to uninstall software</message> <icon_name>package-x-generic</icon_name> @@ -147,6 +155,10 @@ </action> <action id="org.freedesktop.Flatpak.configure-remote"> + <!-- SECURITY: + - Normal users need admin authentication to configure system-wide + software repositories. + --> <description>Configure Remote</description> <message>Authentication is required to configure software repositories</message> <icon_name>package-x-generic</icon_name> @@ -158,6 +170,10 @@ </action> <action id="org.freedesktop.Flatpak.configure"> + <!-- SECURITY: + - Normal users need admin authentication to configure the system-wide + Flatpak installation. + --> <description>Configure</description> <message>Authentication is required to configure software installation</message> <icon_name>package-x-generic</icon_name> |