unprivileged users with UID > INT_MAX can successfully execute any systemctl command

This issue was initially created at https://github.com/systemd/systemd/issues/11026; crossposting it here as it seems to be a polkit issue:

systemd version the issue has been seen with

$ systemctl --version
systemd 239
+PAM +AUDIT -SELINUX +IMA +APPARMOR +SMACK -SYSVINIT +UTMP -LIBCRYPTSETUP +GCRYPT -GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID -ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid

For completeness:

$ pkttyagent --version
pkttyagent version 0.115

Used distribution

NixOS 18.09 stable (commit db561c9)

Expected behaviour you didn't see

$ id
uid=4000000000(someuser) gid=100(users) groups=100(users)
$ systemctl stop sshd.service
Failed to stop sshd.service: Interactive authentication required.
See system logs and 'systemctl status sshd.service' for details.
$ systemctl is-active sshd.service
active

Unexpected behaviour you saw

$ id
uid=4000000000(someuser) gid=100(users) groups=100(users)
$ systemctl stop sshd.service

(pkttyagent:3342): GLib-GObject-WARNING **: 13:28:53.802: value "-294967296" of type 'gint' is invalid or out of range for property 'uid' of type 'gint'
**
ERROR:pkttyagent.c:156:main: assertion failed: (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)) >= 0)
$ systemctl is-active sshd.service
inactive

Steps to reproduce the problem

create a user with an UID > INT_MAX, e.g. 4000000000
run any systemctl command

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

unprivileged users with UID > INT_MAX can successfully execute any systemctl command