That’s how polkit used to work. It was changed, presumably because the old system was excessively complex and inflexible. Arbitrary code is the correct solution when the set of potentially needed behaviors is unbounded, which in this case it is.
Another example of this is CSS. The vast majority of its features today—shadow effects, filter effects, animations, layout modes, even text colors—could have been implemented with WebAssembly and shaders. Instead, all of this stuff is implemented by the browser, and as a result, there are only three browser engines, two of them are on life support, and there is zero hope of meaningful competition among browsers ever arising again.
Let’s not overcomplicate polkit, please. It’s more than enough of an attack surface already.
That’s how polkit used to work. It was changed, presumably because the old system was excessively complex and inflexible. Arbitrary code is the correct solution when the set of potentially needed behaviors is unbounded, which in this case it is.
Another example of this is CSS. The vast majority of its features today—shadow effects, filter effects, animations, layout modes, even text colors—could have been implemented with WebAssembly and shaders. Instead, all of this stuff is implemented by the browser, and as a result, there are only three browser engines, two of them are on life support, and there is zero hope of meaningful competition among browsers ever arising again.
Let’s not overcomplicate polkit, please. It’s more than enough of an attack surface already.