Polkit agent #1
Description
Polkit is often used to gather elevated privileges in GUI applications. Since our goal is to be able to replace all password prompts in the system - we want to replace polkit prompt too.
"Prompt" in Polkit is represented by user-space process called "agent". It talks with main polkit daemon using D-Bus, asks for passwords using some form of UI and validates input using setuid helper.
Possible solutions
Our own implementation of libpolkit-agent-1
Use go-dbus and some other crap to interact with PAM.
Less C code (less memory vulnerabilities) but also more our own untested code (more bugs).
Bindings for libpolkit-agent-1
It's hard to map GObject interface to Go.
Well-tested (I hope) library but many dependencies from C world.