Thoughts about HAL, Ivman and Pmount.

Martin Pitt martin at piware.de
Thu Oct 27 12:09:04 PDT 2005


Hi Jonatan!

Jonatan Liljedahl [2005-10-26 21:31 -0200]:
> IMHO, automounting should be done by system (hald or ivman running as
> root), since if two users are running ivman at the same time there will
> be big trouble when both tries to mount the same thing under /media.
> There will be a war about who owns the mountpoint.

Mounting the device by hal does not solve this "war" at all. The
problem is not that the device does not get mounted (it will be
mounted in any case, it's just the question by whom), but the problem
is to which user the device belongs.

Right now, pmount mounts devices with file systems that don't support
permissions (vfat, iso9660, etc.) with umask 077, so that only the
owner can read/write it. You can make the umask less strict with a
command line argument or with a hal policy, but you are secure by
default.

Mounting by root would mean that the device needs to be
group or even world read/writable, which would entail that you could
not use removable media to save private data any more.

I see two options to mitigate this:

  - In Ubuntu, gnome-volume-manager has a patch that adds support for
    multiseat, like found in the HP441. So by configuring
    /etc/multiseat.conf properly, you can solve the conflict if you
    have more than one head on your box.

  - g-v-m/ivman should be taught to only mount a device if their
    $DISPLAY is currently active. Unfortunately I don't have an idea
    how to determine this.

Thanks for any comment,

Martin
-- 
Martin Pitt        http://www.piware.de
Ubuntu Developer   http://www.ubuntu.com
Debian Developer   http://www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.freedesktop.org/archives/hal/attachments/20051027/35364f33/attachment.pgp


More information about the hal mailing list