🌐
ArchWiki
wiki.archlinux.org › title › Polkit
polkit - ArchWiki
Polkit operates on top of the existing permissions systems in Linux – group membership, administrator status – it does not replace them. The .rules files designate a subset of users, refer to one (or more) of the actions specified in the actions files, and determine with what restrictions these actions can be taken by those users.
component of UNIX systems
PolicyKit-KDEPlasma5.png
Ubuntu logo
Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones, allowing a level of control … Wikipedia
Factsheet
polkit
Developers David Zeuthen, Red Hat
Release 0.3
Factsheet
polkit
Developers David Zeuthen, Red Hat
Release 0.3
🌐
Red Hat
docs.redhat.com › en › documentation › red_hat_enterprise_linux › 7 › html › desktop_migration_and_administration_guide › policykit
Chapter 4. PolicyKit | Desktop Migration and Administration Guide | Red Hat Enterprise Linux | 7 | Red Hat Documentation
The PolicyKit utility is a framework that provides an authorization API used by privileged programs (also called mechanisms) offering services to unprivileged programs (also called subjects).
🌐
Debian
wiki.debian.org › PolicyKit
PolicyKit - Debian Wiki
PolicyKit is an application-level toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes, in order to grant some user the right to perform some tasks in some situations.
🌐
SUSE
documentation.suse.com › sles › 12-SP5 › html › SLES-all › cha-security-policykit.html
Authorization with Polkit | Security and Hardening Guide | SLES 12 SP5
April 8, 2026 - |Index|SUSE Linux Enterprise Server ... (formerly known as PolicyKit) is an application framework that acts as a negotiator between the unprivileged user session and the privileged system context....
🌐
Wikipedia
en.wikipedia.org › wiki › Polkit
Polkit - Wikipedia
1 week ago - Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones, allowing a level of control of centralized system policy.
🌐
SUSE
documentation.suse.com › sles › 15-SP7 › html › SLES-all › cha-security-polkit.html
The Polkit authentication framework | Security and Hardening Guide | SLES 15 SP7
June 25, 2024 - Polkit is an authentication framework used in graphical Linux desktop environments, for fine-grained management of access rights on the system. Traditionally, there is a strong separation of privileges on Linux between the root user as the fully ...
🌐
GitHub
github.com › polkit-org › polkit
GitHub - polkit-org/polkit: polkit (formerly PolicyKit) is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. · GitHub
polkit (formerly PolicyKit) is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. - polkit-org/polkit
Starred by 222 users
Forked by 82 users
Languages   C 93.5% | Meson 2.5% | Shell 2.5% | JavaScript 0.9% | Python 0.6% | Perl 0.0%
🌐
ADMIN Magazine
admin-magazine.com › Articles › Assigning-Privileges-with-sudo-and-PolicyKit
Assigning Privileges with sudo and PolicyKit » ADMIN Magazine
PolicyKit cleverly works its way around permissions problems and security risks with a completely different approach: If the user klaus wants to install a package, his package manager first asks PolicyKit whether this is a permitted action. PolicyKit can then immediately give klaus the go-ahead or prompt for a password.
🌐
Linux Man Pages
linux.die.net › man › 8 › polkit
polkit(8): Authorization Framework - Linux man page
PolicyKit provides an authorization API intended to be used by privileged programs ("MECHANISMS") offering service to unprivileged programs ("CLIENTS") through some form of IPC mechanism such as D-Bus or Unix pipes. In this scenario, the mechanism typically treats the client as untrusted.
Find elsewhere
🌐
GNOME
wiki.gnome.org › Projects › PolicyKit
Projects/PolicyKit – GNOME Wiki Archive
PolicyKit is a framework for defining policy for system-wide components and for desktop pieces to configure it. It is currently used by several components of the GNOME desktop, among which GConf, NetworkManager, the gnome-system-tools. GNOME does not depend on PolicyKit1 itself, but on polkit-gtk-1.
🌐
ZDNET
zdnet.com › home › tech › services & software › operating systems › linux
Major Linux PolicyKit security vulnerability uncovered: Pwnkit | ZDNET
January 27, 2022 - This time security company Qualys has uncovered a truly dangerous memory corruption vulnerability in polkit's pkexec, CVE-2021-4034. Polkit, formerly known as PolicyKit, is a systemd SUID-root program.
🌐
LinuxConfig
linuxconfig.org › home › introduction to polkit: navigating authorization frameworks in linux
Introduction to Polkit: Navigating Authorization Frameworks in Linux
March 7, 2024 - Polkit is registered on the D-Bus “system” bus with the org.freedesktop.PolicyKit1 name. The service doesn’t run as root, but with the privileges of the polkitd user and the polkitd group (see /usr/lib/systemd/system/polkit.service).
🌐
Timesys
timesys.com › home › linux polkit: implementing user space authorization on embedded platforms
Linux Polkit: Implementing user space authorization on embedded platforms - Timesys
August 17, 2022 - Undoubtedly, securing the embedded device is an arduous task and involves various layers, such as boot loaders, kernel, applications, and more. In this blog, we are going to look at how you can secure user space Linux applications in embedded devices by using Polkit (Policy Kit).
Top answer
1 of 1
30

ConsoleKit (documentation) was a service which tracks user sessions (i.e. where a user is logged in). It allows switching users without logging out (many users can be logged in on the same hardware at the same time with one user active). It is also used to check if a session is "local" i.e. if a user has direct access to hardware (which may be considered more secure than remote access).

Currently the ConsoleKit is largely replaced by logind, which is part of systemd, although there is standalone version elogind.

polkit (née PolicyKit) documentation allows fine-tuned capabilities in a desktop environment. Traditionally only a privileged user (root) was allowed to configure network. However, while in a server environment it is a reasonable assumption that it would be too limiting to not be allowed to connect to a hotspot on laptop, for example. However, you may still not want to give full privileges to this person (like installing programs) or may want to limit options for some people (for example on your children laptops only 'trusted' networks with parental filters can be used). As far as I remember it works like:

  • Program send message to daemon via dbus about action
  • Daemon uses polkit libraries/configuration (in fact polkit daemon) to determine if a user is allowed to perform an action. It may happen that certain conditions must be fulfilled (like entering password or hardware access).
  • Daemon performs action according to it (returns auth error or performs action)
🌐
Linux Man Pages
linux.die.net › man › 8 › policykit_selinux
policykit_selinux(8) - Linux man page
policykit_selinux - Security Enhanced Linux Policy for the policykit processes
🌐
GitHub
github.com › lxqt › lxqt-policykit
GitHub - lxqt/lxqt-policykit: The LXQt PolicyKit agent · GitHub
Technically, lxqt-policykit is just a single binary lxqt-policykit-agent which is running as LXQt Module and launching the GUI on demand.
Starred by 41 users
Forked by 21 users
Languages   C++ 81.0% | CMake 18.7% | Shell 0.3%
🌐
University of Michigan Safecomputing
safecomputing.umich.edu › security-alerts › apply-patches-linux-systems-policykit-package
Apply patches to Linux systems with policykit package | safecomputing.umich.edu
January 26, 2022 - A vulnerability in Polkit's pkexec ... systems immediately after appropriate testing. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems....
🌐
Ubuntu
launchpad.net › ubuntu › +source › policykit-1
policykit-1 package in Ubuntu
1-dev: polkit Authorization API - development files pkexec: run commands as another user with polkit authorization pkexec-dbgsym: debug symbols for pkexec policykit-1-doc: documentation for polkit polkitd: framework for managing administrative policies and privileges polkitd-dbgsym: debug symbols for polkitd
🌐
Ubuntu
manpages.ubuntu.com › focal › man(8)
Ubuntu Manpage: polkit - Authorization Framework
PolicyKit provides an authorization API intended to be used by privileged programs (“MECHANISMS”) offering service to unprivileged programs (“CLIENTS”) through some form of IPC mechanism such as D-Bus or Unix pipes. In this scenario, the mechanism typically treats the client as untrusted.