Initial draft of privilege escalation policy

Kevin Fenzi kevin at
Fri Jan 22 05:22:38 UTC 2010

On Thu, 21 Jan 2010 15:17:54 -0800
Adam Williamson <awilliam at> wrote:

> Here's a second draft, addressing several (not yet all) of the
> concerns raised about the first.

A few general comments: 

- Might be nice to number/letter/enumerate the items... so you can
  point to specific parts without excessive quoting. 

- Is it worth noting ConsoleKit/udev rules here that would give privs
  to local users that remote ones don't get?

- Is it worth noting console users vs remote vs admin user types?

- Is dbus security worth mentioning? system vs session and what users
  should be allowed, etc?

> Privilege Escalation Policy (draft)
> == Enforcement ==
> The [[QA]] team will check packages known to be capable of privilege
> escalation for their compliance with this policy, both through manual
> examination and automated testing via the AutoQA project.

Would it be worth having some kind of automated script that can find
packages that might need scrutiny? ie, anything with suid binaries,
anything with polkit files, anything with consolehelper

Sort of a critical path of security apps?

Looks like ubuntu has a pretty bare/skeleton policy at:
A few things there might be worth adding here. 

Anyhow, thanks for taking on this task!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : 

More information about the test mailing list