hal/tools hal-system-storage-eject, 1.2, 1.3 hal-system-storage-mount, 1.8, 1.9

David Zeuthen david at freedesktop.org
Sun Jan 8 14:27:05 PST 2006


Update of /cvs/hal/hal/tools
In directory gabe:/tmp/cvs-serv18550/tools

Modified Files:
	hal-system-storage-eject hal-system-storage-mount 
Log Message:
2006-01-08  David Zeuthen  <davidz at redhat.com>

        * fdi/policy/10osvendor/20-storage-methods.fdi: Populate the new
        property volume.mount.valid_options

        * tools/hal-system-storage-mount: Don't add any options at all (we
        used to add e.g. quiet,shortname=winnt,uid=$UID for vfat and others)
        as this is now the responsibility of the client (e.g. gnome-mount).

        Use the white-list from the new property volume.mount.valid_options
        and perform special handling for the entry "uid=".

        * tools/hal-system-storage-eject: Also attempt to remove directory
        on eject



Index: hal-system-storage-eject
===================================================================
RCS file: /cvs/hal/hal/tools/hal-system-storage-eject,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- hal-system-storage-eject	17 Dec 2005 20:21:40 -0000	1.2
+++ hal-system-storage-eject	8 Jan 2006 22:27:03 -0000	1.3
@@ -1,6 +1,7 @@
 #!/bin/sh
 
 # Copyright (C) 2005, Kay Sievers <kay.sievers at vrfy.org>
+# Copyright (C) 2006, David Zeuthen <david at fubar.dk>
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2.
@@ -26,4 +27,10 @@
     exit 1
 fi
 
+# remove directory only if HAL has created it
+if [ -e $HAL_PROP_VOLUME_MOUNT_POINT/.created-by-hal ]; then
+  rm -f $HAL_PROP_VOLUME_MOUNT_POINT/.created-by-hal
+  rmdir --ignore-fail-on-non-empty "$HAL_PROP_VOLUME_MOUNT_POINT"
+fi
+
 exit 0
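Review bot: `$HAL_PROP_VOLUME_MOUNT_POINT` is unquoted in the `[ -e … ]` test and on the `rm -f` line, although the `rmdir` line below quotes it. A mount point containing whitespace or glob characters would be word-split or expanded, so the test can fail with a syntax error and `rm -f` can be handed paths other than the marker file. Quote both uses: `if [ -e "$HAL_PROP_VOLUME_MOUNT_POINT/.created-by-hal" ]; then` and `rm -f -- "$HAL_PROP_VOLUME_MOUNT_POINT/.created-by-hal"`. If the property is ever empty the path collapses to `/.created-by-hal`, so a `[ -n "$HAL_PROP_VOLUME_MOUNT_POINT" ]` guard around the block is worth adding. The earlier part of the script, including the eject call itself, is outside this hunk.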

Index: hal-system-storage-mount
===================================================================
RCS file: /cvs/hal/hal/tools/hal-system-storage-mount,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- hal-system-storage-mount	6 Jan 2006 20:45:14 -0000	1.8
+++ hal-system-storage-mount	8 Jan 2006 22:27:03 -0000	1.9
@@ -1,6 +1,7 @@
 #!/bin/sh
 
 # Copyright (C) 2005, Kay Sievers <kay.sievers at vrfy.org>
+# Copyright (C) 2006, David Zeuthen <david at fubar.dk>
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2.
@@ -79,54 +80,50 @@
     MOUNTTYPE=$HAL_PROP_VOLUME_FSTYPE
 fi
 
-# pass only whitelisted mount options
+# retrieve white-list from device properties (see fdi/policy/osvendor/20-storage-methods.fdi)
+LEGAL_MOUNT_OPTIONS="$HAL_PROP_VOLUME_MOUNT_VALID_OPTIONS "
+# pass only whitelisted mount options, bail out on anything not in the whitelist
 if [ "$GIVEN_MOUNTOPTIONS" != "" ]; then
     for OPTION in $GIVEN_MOUNTOPTIONS; do
-	case "$OPTION" in
-	    ro)
-		MOUNTOPTIONS="$MOUNTOPTIONS,ro"
-		;;
-	    sync)
-		MOUNTOPTIONS="$MOUNTOPTIONS,sync"
-		;;
-	    dirsync)
-		MOUNTOPTIONS="$MOUNTOPTIONS,dirsync"
-		;;
-	    noatime)
-		MOUNTOPTIONS="$MOUNTOPTIONS,noatime"
-		;;
-	    nodiratime)
-		MOUNTOPTIONS="$MOUNTOPTIONS,nodiratime"
-		;;
-	    noexec)
-		MOUNTOPTIONS="$MOUNTOPTIONS,noexec"
-		;;
-	    quiet)
-		MOUNTOPTIONS="$MOUNTOPTIONS,quiet"
-		;;
-	    *)
-		echo "org.freedesktop.Hal.Device.Volume.InvalidMountOption" >&2
-		echo "" >&2
-		exit 1
-	esac
+	OPTION_WAS_OK="0"
+	for LEGAL_OPTION in $LEGAL_MOUNT_OPTIONS; do
+	    if [ "$OPTION" == "$LEGAL_OPTION" ]; then
+		MOUNTOPTIONS="$MOUNTOPTIONS,$OPTION"
+		OPTION_WAS_OK="1"
+	    elif [ "${LEGAL_OPTION:${#LEGAL_OPTION}-1}" == "=" ]; then
+		# support for LEGAL_OPTION="umask=", e.g. support any $OPTION that starts with "umask="
+		if [ "${OPTION:0:${#LEGAL_OPTION}}" == "$LEGAL_OPTION" ]; then			
+
+		    # special handling for uid; only allow uid=$HAL_METHOD_INVOKED_BY_UID expect if
+		    # $HAL_METHOD_INVOKED_BY_UID is 0
+		    if [ "$LEGAL_OPTION" == "uid=" ]; then
+			if [ "$HAL_METHOD_INVOKED_BY_UID" != "0" ]; then
+			    if [ "uid=$HAL_METHOD_INVOKED_BY_UID" != "$OPTION" ]; then
+				echo "org.freedesktop.Hal.Device.Volume.InvalidMountOption" >&2
+				echo "The option '$OPTION' is not allowed for uid=$HAL_METHOD_INVOKED_BY_UID" >&2
+				exit 1				    
+			    fi
+			fi
+		    fi
+		    		    
+		    # make sure the part after the '=' don't contain any commas otherwise an attacker may
+		    # pass e.g. umask=0600,suid,dev and this will get merged into $MOUNTOPTIONS - just replace
+		    # ',' with '_'
+		    MODIFIED_OPTION=${OPTION//,/_}
+		    MOUNTOPTIONS="$MOUNTOPTIONS,$MODIFIED_OPTION"
+		    OPTION_WAS_OK="1"
+		fi
+	    fi
+	done
+	if [ "$OPTION_WAS_OK" != "1" ]; then	    
+	    echo "org.freedesktop.Hal.Device.Volume.InvalidMountOption" >&2
+	    echo "The option '$OPTION' is not allowed" >&2
+	    exit 1
+	fi
     done
 fi
 
-# special options handling for certain filesystems
-case "$MOUNTTYPE" in
-    vfat)
-	MOUNTOPTIONS="$MOUNTOPTIONS,quiet,shortname=winnt,uid=$HAL_METHOD_INVOKED_BY_UID"
-	;;
-    ntfs)
-	MOUNTOPTIONS="$MOUNTOPTIONS,uid=$HAL_METHOD_INVOKED_BY_UID"
-	;;
-    hfs|hfsplus)
-	MOUNTOPTIONS="$MOUNTOPTIONS,uid=$HAL_METHOD_INVOKED_BY_UID"
-	;;
-    iso9660|udf)
-	MOUNTOPTIONS="$MOUNTOPTIONS,uid=$HAL_METHOD_INVOKED_BY_UID"
-	;;
-esac
+echo "options = '$MOUNTOPTIONS'"
 
 # append number to mountpoint if it already exists
 if [ -e "$MOUNT_ROOT/$MOUNTPOINT" ]; then
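Review bot: The new whitelist loop uses `${LEGAL_OPTION:${#LEGAL_OPTION}-1}`, `${OPTION:0:${#LEGAL_OPTION}}`, `${OPTION//,/_}` and `==` inside `[`, none of which are POSIX, while the script starts with `#!/bin/sh`. Where /bin/sh is not bash the check will most likely abort with a substitution error instead of evaluating the whitelist. A `case` match expresses the same prefix test portably, and it lets an option whose value contains a comma be refused through the existing InvalidMountOption path rather than being rewritten with `_` and still passed to mount. The added `echo "options = '$MOUNTOPTIONS'"` looks like leftover debugging that writes to stdout on every call, and the unquoted `for OPTION in $GIVEN_MOUNTOPTIONS` also undergoes filename expansion, so a `set -f` before the loop would keep a caller-supplied `*` from being expanded. The script continues before and after this hunk.

```shell
	for LEGAL_OPTION in $LEGAL_MOUNT_OPTIONS; do
	    case "$LEGAL_OPTION" in
		*=)
		    # prefix entry such as "umask=": accept any value that has no comma
		    case "$OPTION" in
			*,*)
			    # leave OPTION_WAS_OK at 0 so the existing rejection below fires
			    ;;
			"$LEGAL_OPTION"*)
			    # … unchanged: uid= check against $HAL_METHOD_INVOKED_BY_UID …
			    MOUNTOPTIONS="$MOUNTOPTIONS,$OPTION"
			    OPTION_WAS_OK="1"
			    ;;
		    esac
		    ;;
		*)
		    if [ "$OPTION" = "$LEGAL_OPTION" ]; then
			MOUNTOPTIONS="$MOUNTOPTIONS,$OPTION"
			OPTION_WAS_OK="1"
		    fi
		    ;;
	    esac
	done
	# … unchanged: OPTION_WAS_OK test and InvalidMountOption exit …
```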



