On 02/09/2017 02:55 PM, John R Pierce wrote: > > you realize noone on this email list has anything to do with the > source code for this pkcheck thing? CentOS uses the code exactly as > is that Red Hat releases. You're tilting at windmills in the wrong > country here. Yes, I do. And I tried to help OP file a bug report with Red Hat so that pkexec could be fixed. His original bugs wasted a lot of time arguing about pkcheck, and were closed WONTFIX. He has since filed new bug reports which are currently ASSIGNED. I'm hopeful that those will be fixed, because there does appear to be a security flaw in a SUID binary installed by default on CentOS 6 and 7.