hal/tools hal-system-storage-mount,1.14,1.15

David Zeuthen david at freedesktop.org
Sun Jan 22 08:08:39 PST 2006 

Update of /cvs/hal/hal/tools
In directory gabe:/tmp/cvs-serv17017/tools

Modified Files:
	hal-system-storage-mount 
Log Message:
2006-01-22  David Zeuthen  <davidz at redhat.com>

        * tools/hal-system-storage-mount: Also remove code expecting
        the now removed attempt at managing privileges



Index: hal-system-storage-mount
===================================================================
RCS file: /cvs/hal/hal/tools/hal-system-storage-mount,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- hal-system-storage-mount	21 Jan 2006 16:54:04 -0000	1.14
+++ hal-system-storage-mount	22 Jan 2006 16:08:36 -0000	1.15
@@ -29,46 +29,6 @@
     exit 1
 fi
 
-# read our security policy (see policy/10osvendor/10-security-policy.fdi)
-SECPOL_ALLOW_UID_MOUNT_FIXED=`hal-get-property --udi /org/freedesktop/Hal/devices/computer --key security_policy.system.storage.allow_uid_mount_fixed`
-SECPOL_ALLOW_UID_MOUNT_NONFIXED=`hal-get-property --udi /org/freedesktop/Hal/devices/computer --key security_policy.system.storage.allow_uid_mount_nonfixed`
-
-# determine what kind of drive we stem from
-IS_HOTPLUGGABLE=`hal-get-property --udi $HAL_PROP_BLOCK_STORAGE_DEVICE --key storage.hotpluggable`
-IS_REMOVABLE=`hal-get-property --udi $HAL_PROP_BLOCK_STORAGE_DEVICE --key storage.removable`
-
-# enforce security policy
-ALLOW="false"
-if [ "$IS_HOTPLUGGABLE" == "true" ] || [ "$IS_REMOVABLE" == "true" ]; then
-    # nonfixed media, e.g. removable and/or hotpluggable
-    if [ "$SECPOL_ALLOW_UID_MOUNT_NONFIXED" == "" ]; then
-	ALLOW="true"
-    else
-	for i in $SECPOL_ALLOW_UID_MOUNT_NONFIXED; do
-	    if [ "$i" == "$HAL_METHOD_INVOKED_BY_UID" ]; then
-		ALLOW="true"
-	    fi
-	done
-    fi
-else
-    # fixed media
-    if [ "$SECPOL_ALLOW_UID_MOUNT_FIXED" == "" ]; then
-	ALLOW="true"
-    else
-	for i in $SECPOL_ALLOW_UID_MOUNT_FIXED; do
-	    if [ "$i" == "$HAL_METHOD_INVOKED_BY_UID" ]; then
-		ALLOW="true"
-	    fi
-	done
-    fi
-fi
-
-if [ "$ALLOW" != "true" ]; then
-    echo "org.freedesktop.Hal.Device.Volume.PermissionDenied" >&2
-    echo "uid $HAL_METHOD_INVOKED_BY_UID is not authorized according to security policy" >&2
-    exit 1
-fi
-
 # read parameters
 # "MyDisk\n"
 # "fuse\n"

More information about the hal-commit mailing list