Ordinary users open the tuned-gui desktop program, pop up the authentication and authorization interface, click the cancel authentication button, and enter the tuned-gui program

[weiyaping20]

【 Title Description 】 Ordinary users can open the tuned-gui desktop program, pop up the authentication interface, click the cancel authentication button, and enter the tuned-gui interface Environmental Information Software information:

1. Tuned-2.20.0-1. el9. noarch
2. Tuned-gtk-2.20.0-1. el9. noarch Problem Recurrence Steps

1. Yum install tuned-gtk - y
2. Ordinary users log in to the graphical desktop. Click on the tuned gui icon to pop up the authentication interface Expected results
3. After clicking the cancel authentication button, you will not enter the tuned interface
4. After authorization is approved, other settings should not pop up the authentication box again Actual results
5. After clicking the cancel authentication button, directly enter the tuned interface
6. After the password authorization is passed, the authentication box will pop up again when setting other items. Click the cancel button, and the status of the setting item has been modified, but it is not actually effective; Ordinary users will enter this interface again to display the previous settings status

[yarda]

Unauthorized user is not allowed to do any changes that requires authorization, so it shouldn't be security related. I agree the code could be improved to disable all the options for which user is unauthorized or the code could re-request authorization when needed. Unfortunately, it doesn't seem like a trivial code change. Also patches are welcome.