policy library landed...
David Zeuthen
david at fubar.dk
Sun Feb 26 17:19:33 PST 2006
On Sun, 2006-02-26 at 19:39 -0500, David Zeuthen wrote:
> 1. e.g. gnome-mount will be able to do something intelligent when
> catching org.freedesktop.Hal.Device.Volume.PermissionDenied on
Actually, thinking a bit more about this... methods should _always_ just
throw
org.freedesktop.Hal.Device.PermissionDeniedByPolicy
in case policy says the uid invoking the method is not authorized to do
so.
This way callers can easily know when to prompt for auth to change
policy. If a method call would otherwise prevent the caller from doing
something they can throw other exceptions. As a corollary, we should
test for policy as the very last thing as otherwise we have
1. user tries to invoke method
2. catches PermissionDeniedByPolicy
3. does auth, modifies policy
4. invoke method again
4. catches some other PermissionDenied exception; not fixable, gah!
Oh well.. we really need to put something in the spec about method
invocations, it's become pretty complex already... I'm writing this mail
so it's at least mentioned _somewhere_ :-)
Btw, I've now added this to the hal-system-power-* scripts but not for
the storage scripts.. it would be an even bigger mess so I'm now
rewriting these in C. Yay!
David
More information about the hal
mailing list