diff options
author | David Zeuthen <davidz@redhat.com> | 2009-07-26 22:05:38 -0400 |
---|---|---|
committer | David Zeuthen <davidz@redhat.com> | 2009-07-26 22:05:38 -0400 |
commit | de0985aaeb9a44090f3cb37e4ea6308c0152797a (patch) | |
tree | bc9884bf5fb1e5fde401c57fb5771da1e1b1384d /data | |
parent | 52ab38452b2535bec1276bc82bb73b02d138c091 (diff) | |
download | polkit-de0985aaeb9a44090f3cb37e4ea6308c0152797a.tar.gz |
Allow unprivileged callers to check authorizations
But only allow this if
- the caller and the subject being checked is the same user
- no details are passed (otherwise dialogs can be spoofed)
Also add a RevokeTemporaryAuthorizationById() method.
Diffstat (limited to 'data')
-rw-r--r-- | data/org.freedesktop.PolicyKit1.Authority.xml | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml index 6b29e8e..9b49334 100644 --- a/data/org.freedesktop.PolicyKit1.Authority.xml +++ b/data/org.freedesktop.PolicyKit1.Authority.xml @@ -129,7 +129,7 @@ </annotation> <annotation name="org.gtk.EggDBus.Struct.Member" value="Dict<String,String>:details"> - <annotation name="org.gtk.EggDBus.DocString" value="Details for the result or empty if not authorized."/> + <annotation name="org.gtk.EggDBus.DocString" value="Details for the result or empty if not authorized. Known key/value-pairs include <literal>polkit.temporary_authorization_id</literal> (if the authorization is temporary, this is set to the opaque temporary authorization id)."/> </annotation> </annotation> @@ -223,7 +223,7 @@ </arg> <arg name="details" direction="in" type="a{ss}"> - <annotation name="org.gtk.EggDBus.DocString" value="Details describing the action."/> + <annotation name="org.gtk.EggDBus.DocString" value="Details describing the action. Keys starting with <literal>polkit.</literal> are reserved for internal use and cannot be used."/> </arg> <arg name="flags" direction="in" type="u"> @@ -348,6 +348,14 @@ </arg> </method> + <method name="RevokeTemporaryAuthorizationById"> + <annotation name="org.gtk.EggDBus.DocString" value="Revokes all temporary authorizations that applies to @subject."/> + + <arg name="id" direction="in" type="s"> + <annotation name="org.gtk.EggDBus.DocString" value="The opaque identifier of the temporary authorization."/> + </arg> + </method> + <!-- ---------------------------------------------------------------------------------------------------- --> <signal name="Changed"> |