pkexec is vulnerable to a minor information disclosure vulnerability that
allows an attacker to verify whether or not arbitrary files exist, violating
There's a patch for this issue:
pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users
to determine the existence of arbitrary files via the argument.
pkexec is part of sys-auth/polkit, not sys-auth/policykit (I know, it's confusing, even to me; I had to look when the patch failed to apply).
You're trying to confuse the security team! ;)
So does the patch apply? If so, we can close this [noglsa].
Sorry, I'm not trying to confuse anyone... I don't maintain polkit, I maintain policykit, so this should presumably be re-assigned to nirbheek.
That was just a (silly) joke. ;)
Thanks for pointing it out, reassigning...
Sorry for todays bugspam everyone. ;)
I co-maintain with freedesktop-bugs.
Also, seeing that this is a minor security problem, do you folks want a new revision with this patch? Or would you prefer to wait for a release?
Re-rating as A4: at the time this bug was opened, ~4 was correct but then 0.96-r1 was stabilized and vulnerable. First fixed and stable version appears to be 0.101-r1.
Added to existing GLSA request.
This issue was resolved and addressed in
GLSA 201204-06 at http://security.gentoo.org/glsa/glsa-201204-06.xml
by GLSA coordinator Sean Amoss (ackle).