KTextEditor KAuth helper + KAuth security review (by SUSE)
Open, Needs TriagePublic
Actions

Description

As part of anything that touches the security of the system, the packages in openSUSE must go through a security review. After an initial (IMO unnecessarily harsh) reject, the current security team members have performed quite a through evaluation of what's there and what needs to be done. Note that while this was done for ktexteditor, it has the potential of improving KAuth as a whole.

The review sits at: https://bugzilla.suse.com/show_bug.cgi?id=1033055#c26

This task was created with two objectives:

Make people aware of the issues
See if interested people can help as well (some work has been done, but the more, the merrier)

Related Objects

Mentioned In: D18845: authority: add support for passing details to polkit
Mentioned Here: T8622: sprint for privacy goal

lbeltrame created this task.Feb 14 2019, 2:23 PM

mgerstner mentioned this in D18845: authority: add support for passing details to polkit.Feb 21 2019, 10:08 AM

nicolasfella added a subscriber: nicolasfella.Feb 21 2019, 11:01 AM

This sounds like an excellent topic for the upcoming privacy sprint (T8622). @mgerstner any chance you can attend it?

In T10480#176816, @nicolasfella wrote:

This sounds like an excellent topic for the upcoming privacy sprint (T8622). @mgerstner any chance you can attend it?

Thanks for the suggestion, but I have a calendar conflict there. Also I'm only contributing as a side project when other work projects allow for it. So spending a couple of days for this is out of scope, sadly.

Martchus added a subscriber: Martchus.Mar 20 2019, 1:06 PM

aacid added a subscriber: security-team.Jul 21 2019, 3:08 PM

KTextEditor KAuth helper + KAuth security review (by SUSE)Open, Needs TriagePublicActions

Description

Related Objects

KTextEditor KAuth helper + KAuth security review (by SUSE)
Open, Needs TriagePublic
Actions