[PATCH] set required mount privileges via fdi file
Ludwig Nussel
ludwig.nussel at suse.de
Thu Jul 20 00:43:19 PDT 2006
On Wednesday 19 July 2006 18:34, Artem Kachitchkine wrote:
> > So in
> > order to only allow Dave to mount "Dave's usb key" you just have to
> > create an fdi file
>
> I would expect that to manipulate _privileges_ you'd want to manipulate
> _privilege_ files, not fdi files. I think "resources" serve the purpose
> you describe, i.e. to allow Dave mount "Dave's usb key" you'd add
> something like:
>
> Allow=dave:/org/freedesktop/Hal/devices/volume_dave_s_usb_key
Where would you put that? Into the definition of
'hal-storage-removable-mount'? How would you be able to mount anything
else then if you restrict it to dave and dave's usb key? You cannot
introduce another privilege file as hal-storage-mount always asks
for the 'hal-storage-removable-mount' privilege.
It's also less versatile if you need to c&p individual UDIs. With the
fdi file approach you can match a group of devices.
cu
Ludwig
--
(o_ Ludwig Nussel
//\ SUSE LINUX Products GmbH, Development
V_/_ http://www.suse.de/
More information about the hal
mailing list