Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems.

It is developed and maintained by David Zeuthen from Red Hat and hosted by the freedesktop.org project.

It is published as free software under the terms of version 2 of the GNU Lesser General Public License.

[11] A memory corruption vulnerability PwnKit (CVE-2021-4034[12]) discovered in the pkexec command (installed on all major Linux distributions) was announced on January 25, 2022.

The vulnerability received a CVSS score of 7.8 ("High severity") reflecting serious factors involved in a possible exploit: unprivileged users can gain full root privileges, regardless of the underlying machine architecture or whether the polkit daemon is running or not.