hal/fdi/policy/10osvendor 20-storage-methods.fdi,1.13,1.14
David Zeuthen
david at fubar.dk
Sat Feb 4 13:10:18 PST 2006
On Fri, 2006-02-03 at 09:41 -0800, Danny Kukawka wrote:
> Update of /cvs/hal/hal/fdi/policy/10osvendor
> In directory gabe:/tmp/cvs-serv12778/fdi/policy/10osvendor
>
> Modified Files:
> 20-storage-methods.fdi
> Log Message:
> 2006-02-03 Danny Kukawka <danny.kukawka at web.de>
>
> * fdi/policy/10osvendor/20-storage-methods.fdi: adde allowed option
> for ntfs filesystem (uid=,umask=,dmask=) to prevent files owned only
> by root and also only readable by root.
Uh, I don't like this. It will turn a previously secure Windows system
into something an unprivileged user can easily get administrator rights
on... once you install Linux and HAL with this patch... can we revert
this please?
Thinking about the general problem perhaps we should allow this only for
external (e.g. hotpluggable, maybe only USB and Firewire) drives. Could
do the same with hfsplus too? Also once we get the privilege library
going we should probably make this a specific thing that can be turned
on and off...
David
More information about the hal
mailing list