| This thing? https://gitlab.freedesktop.org/polkit/polkit/-/blob/master/s... Which also seems to not have tests. In fact, the only tests I'm seeing are from 2 years ago. https://gitlab.freedesktop.org/polkit/polkit/-/tree/master/t... > has much better security It's using D-bus. My faith in D-bus security is close to my faith in seeing a fresh Linux install with zero D-bus error messages from apps. Which is to say, nonexistent. > integrates with your DE instead of expecting passwords on the terminal. There's nothing inherently insecure about passwords on the terminal, and certainly nothing a DE can do better. I have yet to see a display manager or lock screen app that knows what the hell PAM is doing. Try doing even the simplest things with PAM, such as getting a fingerprint reader or Yubikey working, and every single display manager simply chokes. I'm not sure which is more of a Byzantine mess: Linux authentication and authorization, or Linux audio. |
With all the .so modules loading into some process, etc. Some questionable design in sshd makes it lock up completely for all incoming connections when used with PAM and when pam module ends up in infinite loop.
Nevermind that systemd pam modules pull in a shitton of stuff, including dbus, into any process that tries to use PAM for auth, these days.
I guess it all runs as root, too. sshd at least tries to fork a child for all this and waits for it and kills it, so that the parent process can't be polluted. It just has no timeout when waiting for result, and doesn't accept further connections when waiting.
Sometimes it's better not to look too deep under the covers.