mount helper in C committed
David Zeuthen
david at fubar.dk
Mon Mar 6 14:43:04 PST 2006
Hey,
I just committed tools/hal-storage-mount.c and changed our fdi files to
use this instead. Major changes from the shell version
1. Should be a lot easier to audit and a lot more secure as it doesn't
pull in all of bash
2. Allow anything without '/' as valid mount point
3. Throws org.freedesktop.Hal.Device.Volume.MountPointNotAvailable
if you specifically requested a mount point instead of just
appending -1.. the frontends (like gnome-mount) is now expected
to handle this by just appending -1, -2 and so forth themselves.
Notably this changes the ABI a little bit.
4. Looks up correct policy, e.g. storage-fixed-mount-change-uid
if the mount options include uid= and just storage-fixed-mount
otherwise. Ditto for s/fixed/removable/
5. Allowed udi= for a number of file systems as our default policy
doesn't allow this (see policy/txt/*.policy for details)
There's a couple of TODO's left in the code but nothing major. I'd
appreciate if someone would audit it with security in mind.
$ wc -l hal-system-storage-mount hal-storage-mount.c
233 hal-system-storage-mount
718 hal-storage-mount.c
Thanks,
David
More information about the hal
mailing list