Huh, thanks - I didn't think to look at polkit itself. Sorry for the dup.

So it seems polkit itself is effectively completely broken when using hidepid, 
and there is no way to fix it without defeating the _purpose_ of hidepid 
(granting my user the privileges to see the full /proc tree basically disables 
hidepid, although it may still be useful for hiding /proc from _other_ users, 
e.g. ones that run various daemons...?).

As I don't really use polkit much, I don't think I'll be doing that, but I 
think we should at least list this somewhere in the readme or package 
description for policykit-1 so that affected users know about the current 
solution (this is more important now that systemd uses polkit for authorization 
and a broken polkit means a broken systemd, at least in terms of interactive 
authorization).

Sincerely,

Chiraag
-- 
ಚಿರಾಗ್ ನಟರಾಜ್
Graduate Student at Brown University
Email: [email protected]
Phone: 610-350-6329
Website: http://chiraag.nataraj.us

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Pkg-utopia-maintainers mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-utopia-maintainers

Reply via email to