879:
448:
128:
84:
64:
211:
29:
236:
operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones. Polkit allows a level of control of centralized system policy. It is developed and maintained by David
Zeuthen from
432:
of 7.8 ("High severity") reflecting serious factors involved in a possible exploit: unprivileged users can gain full root privileges, regardless of the underlying machine architecture or whether the
799:
407:
428:
command (installed on all major Linux distributions) was announced on
January 25, 2022. The vulnerability dates back to the original distribution from 2009. The vulnerability received a
613:
969:
920:
964:
949:
453:
421:
939:
621:
429:
179:
751:
265:
250:
913:
825:
461:
643:
944:
886:
466:
107:
906:
75:
665:
283:
275:
37:
878:
954:
141:
959:
715:
269:
690:
229:
476:
305:, as this command provides more flexibility and security, in addition to being easier to configure.
290:
since version 10.3. Some distributions, like Fedora, have already switched to the rewritten polkit.
504:
164:
83:
63:
396:
317:
293:
It is also possible to use polkit to execute commands with elevated privileges using the command
279:
800:"PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit's pkexec (CVE-2021-4034)"
774:
747:
890:
339:
334:
174:
148:
242:
592:
526:
127:
256:
Since version 0.105, released in April 2012, the name of the project was changed from
933:
480:
246:
183:
210:
866:
570:
548:
282:
to include PolicyKit, and it has since been used in other distributions, including
737:
343:
860:
746:] (in Russian). Vol. 1. Moscow: Litres (published 2017). p. 169.
484:
471:
443:
45:
298:
233:
157:
287:
854:
238:
195:
116:
51:
28:
736:Команда разработчиков BLFS (5 September 2017). "4: Bezopasnost'".
264:
to emphasize that the system component was rewritten and that the
153:
33:
826:"Major Linux PolicyKit security vulnerability uncovered: Pwnkit"
302:
214:
894:
644:"Polkit and KDE: let's make the point of the situation"
297:
followed by the command intended to be executed (with
402:
391:
383:
375:
367:
349:
333:
190:
173:
163:
147:
137:
106:
74:
57:
44:
301:permission). However, it may be preferable to use
739:За пределами проекта "Linux® с нуля". Версия 7.4
620:. Novell, Inc. and contributors. Archived from
914:
228:) is a component for controlling system-wide
8:
328:
21:
869:explaining polkit's role in a modern system
921:
907:
126:
82:
62:
20:
387:Polkit (all versions prior to discovery)
209:
496:
327:
716:"When to use pkexec vs. gksu/gksudo?"
7:
875:
873:
454:Free and open-source software portal
249:under the terms of version 2 of the
970:Free and open-source software stubs
893:. You can help Knowledge (XXG) by
479:– a similar feature introduced in
416:A memory corruption vulnerability
14:
320:implements Polkit functionality.
251:GNU Lesser General Public License
877:
446:
27:
965:Software using the LGPL license
775:"CVE listing for CVE-2021-4034"
462:Pluggable authentication module
1:
950:Free software programmed in C
887:free and open-source software
36:-based front-end, as seen in
467:Principle of least privilege
245:project. It is published as
986:
940:Computer security software
872:
436:daemon is running or not.
744:Beyond Linux from scratch
102:
70:
26:
16:Component of UNIX systems
855:polkit GitHub repository
695:polkit Reference Manual
666:"Features/PolicyKitOne"
618:openSUSE Security Guide
395:Default on every major
286:since version 8.04 and
169:Privilege authorization
614:"Chapter 9. PolicyKit"
270:backward compatibility
268:had changed, breaking
218:
945:System administration
355:; 2 years ago
353:18 November 2021
213:
89:; 43 days ago
549:"polkit Git COPYING"
483:and still exists in
477:User Account Control
424:) discovered in the
371:Qualys Research Team
670:Fedora Project Wiki
330:
23:
863:at freedesktop.org
646:. 22 December 2009
397:Linux distribution
241:and hosted by the
219:
902:
901:
832:. 25 January 2022
806:. 25 January 2022
624:on 27 August 2012
593:"Polkit releases"
571:"polkit Git NEWS"
414:
413:
384:Affected software
379:All architectures
376:Affected hardware
335:CVE identifier(s)
278:became the first
217:-based front-end.
208:
207:
977:
923:
916:
909:
881:
874:
842:
841:
839:
837:
822:
816:
815:
813:
811:
796:
790:
789:
787:
785:
771:
765:
764:
762:
760:
733:
727:
726:
724:
722:
712:
706:
705:
703:
701:
687:
681:
680:
678:
676:
662:
656:
655:
653:
651:
640:
634:
633:
631:
629:
610:
604:
603:
601:
599:
589:
583:
582:
580:
578:
567:
561:
560:
558:
556:
545:
539:
538:
536:
534:
523:
517:
516:
514:
512:
501:
456:
451:
450:
449:
410:
363:
361:
356:
331:
316:
204:
201:
199:
197:
149:Operating system
130:
125:
122:
120:
118:
97:
95:
90:
86:
66:
31:
24:
985:
984:
980:
979:
978:
976:
975:
974:
955:Freedesktop.org
930:
929:
928:
927:
851:
846:
845:
835:
833:
824:
823:
819:
809:
807:
798:
797:
793:
783:
781:
773:
772:
768:
758:
756:
754:
735:
734:
730:
720:
718:
714:
713:
709:
699:
697:
689:
688:
684:
674:
672:
664:
663:
659:
649:
647:
642:
641:
637:
627:
625:
612:
611:
607:
597:
595:
591:
590:
586:
576:
574:
573:. David Zeuthen
569:
568:
564:
554:
552:
551:. David Zeuthen
547:
546:
542:
532:
530:
529:. 8 August 2024
525:
524:
520:
510:
508:
505:"PolicyKit 0.3"
503:
502:
498:
493:
452:
447:
445:
442:
406:
359:
357:
354:
350:Date discovered
326:
314:
311:
243:freedesktop.org
194:
133:
115:
98:
93:
91:
88:
87:/ 8 August 2024
58:Initial release
50:David Zeuthen,
40:
17:
12:
11:
5:
983:
981:
973:
972:
967:
962:
957:
952:
947:
942:
932:
931:
926:
925:
918:
911:
903:
900:
899:
882:
871:
870:
864:
858:
850:
849:External links
847:
844:
843:
817:
791:
766:
752:
728:
707:
682:
657:
635:
605:
584:
562:
540:
518:
507:. 20 June 2007
495:
494:
492:
489:
488:
487:
474:
469:
464:
458:
457:
441:
438:
412:
411:
404:
400:
399:
393:
389:
388:
385:
381:
380:
377:
373:
372:
369:
365:
364:
351:
347:
346:
337:
325:
322:
310:
309:Implementation
307:
206:
205:
192:
188:
187:
177:
171:
170:
167:
161:
160:
151:
145:
144:
139:
135:
134:
132:
131:
112:
110:
104:
103:
100:
99:
80:
78:
76:Stable release
72:
71:
68:
67:
59:
55:
54:
48:
42:
41:
32:
15:
13:
10:
9:
6:
4:
3:
2:
982:
971:
968:
966:
963:
961:
960:Unix software
958:
956:
953:
951:
948:
946:
943:
941:
938:
937:
935:
924:
919:
917:
912:
910:
905:
904:
898:
896:
892:
889:article is a
888:
883:
880:
876:
868:
865:
862:
861:Documentation
859:
857:at github.com
856:
853:
852:
848:
831:
827:
821:
818:
805:
801:
795:
792:
780:
776:
770:
767:
755:
753:9785457831186
749:
745:
741:
740:
732:
729:
717:
711:
708:
696:
692:
686:
683:
671:
667:
661:
658:
645:
639:
636:
623:
619:
615:
609:
606:
594:
588:
585:
572:
566:
563:
550:
544:
541:
528:
527:"Release 125"
522:
519:
506:
500:
497:
490:
486:
482:
481:Windows Vista
478:
475:
473:
470:
468:
465:
463:
460:
459:
455:
444:
439:
437:
435:
431:
427:
423:
422:CVE-2021-4034
419:
409:
405:
401:
398:
394:
390:
386:
382:
378:
374:
370:
366:
352:
348:
345:
341:
338:
336:
332:
324:Vulnerability
323:
321:
319:
308:
306:
304:
300:
296:
291:
289:
285:
281:
277:
273:
271:
267:
263:
259:
254:
252:
248:
247:free software
244:
240:
235:
231:
227:
223:
216:
212:
203:
193:
189:
185:
184:free software
181:
178:
176:
172:
168:
166:
162:
159:
155:
152:
150:
146:
143:
140:
136:
129:
124:
114:
113:
111:
109:
105:
101:
94:8 August 2024
85:
79:
77:
73:
69:
65:
60:
56:
53:
49:
47:
43:
39:
35:
30:
25:
19:
895:expanding it
884:
834:. Retrieved
829:
820:
808:. Retrieved
803:
794:
782:. Retrieved
778:
769:
757:. Retrieved
743:
738:
731:
719:. Retrieved
710:
698:. Retrieved
694:
685:
673:. Retrieved
669:
660:
648:. Retrieved
638:
626:. Retrieved
622:the original
617:
608:
596:. Retrieved
587:
575:. Retrieved
565:
553:. Retrieved
543:
531:. Retrieved
521:
509:. Retrieved
499:
433:
425:
417:
415:
312:
294:
292:
280:distribution
274:
261:
257:
255:
225:
221:
220:
46:Developer(s)
18:
759:5 September
675:15 November
650:15 November
628:15 November
598:1 September
577:15 November
555:15 November
200:/polkit-org
121:/polkit-org
934:Categories
867:Why polkit
836:25 January
810:25 January
784:25 January
491:References
485:Windows 11
472:PackageKit
430:CVSS score
408:qualys.com
368:Discoverer
360:2021-11-18
230:privileges
224:(formerly
138:Written in
108:Repository
344:2021-4034
258:PolicyKit
234:Unix-like
226:PolicyKit
158:Unix-like
81:125
61:0.3
691:"pkexec"
533:8 August
440:See also
288:openSUSE
511:17 July
403:Website
392:Used by
358: (
315:polkitd
239:Red Hat
202:/polkit
191:Website
175:License
123:/polkit
92: (
52:Red Hat
804:Qualys
750:
721:25 May
700:25 May
434:polkit
426:pkexec
418:PwnKit
329:PwnKit
318:daemon
295:pkexec
284:Ubuntu
276:Fedora
262:polkit
222:Polkit
196:github
117:github
38:Ubuntu
22:polkit
885:This
830:ZDNet
779:Mitre
742:[
154:Linux
34:GNOME
891:stub
838:2022
812:2022
786:2022
761:2017
748:ISBN
723:2013
702:2013
677:2012
652:2012
630:2012
600:2018
579:2012
557:2012
535:2024
513:2024
313:The
303:sudo
299:root
198:.com
180:LGPL
165:Type
119:.com
340:CVE
266:API
260:to
232:in
215:KDE
936::
828:.
802:.
777:.
693:.
668:.
616:.
272:.
253:.
156:,
922:e
915:t
908:v
897:.
840:.
814:.
788:.
763:.
725:.
704:.
679:.
654:.
632:.
602:.
581:.
559:.
537:.
515:.
420:(
362:)
342:-
186:)
182:(
142:C
96:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.