[PATCH] set required mount privileges via fdi file
David Zeuthen
david at fubar.dk
Sat Jul 22 10:24:08 PDT 2006
On Wed, 2006-07-19 at 10:16 +0200, Ludwig Nussel wrote:
> Hi,
>
> hal-storage-mount currently hardcodes the privileges required to
> mount a volume. By storing the required privilege in hal instead
> it's possible to set volume specific privileges via fdi file. So in
> order to only allow Dave to mount "Dave's usb key" you just have to
> create an fdi file that overwrites the default for this specific
> device.

Nope, this is just plain wrong. See my other mail here

http://lists.freedesktop.org/archives/hal/2006-July/005665.html

The point is really that you want the PolicyKit daemon to make this
decision. And it can happily do this as long as we still pass the
resource, e.g. the HAL UDI for the volume.

If you change the privilege name then there is no chance that the
PolicyKit daemon knows what the HAL daemon is trying to do. And then the
separation between policy and mechanism breaks.

> I don't understand what the intention behind the "uid=" special case
> was. "uid=" is not supposed to be included in the list of allowed
> options if the fs doesn't support it anyways.

You mean volume.mount.valid_options? It just specifies what options you
can use and if an option has a trailing '=' character it means you can
set values. If you use options outside this the HAL will use the
hal-storage-removable-mount-all-options privilege instead of
hal-storage-removable-mount privilege for mounting removable media.

The exception is that if you, for example, pass 'uid=502' and the caller
has an uid != 502 then we will force using the -all-options privilege
because of security reasons. Makes sense, yes?

Cheers,
David
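
The privilege selection described in the message above, as an added example that is not part of the original mail and is not HAL's own code. The function names and the sample option lists are hypothetical, and treating a missing or non-numeric `uid=` value like a foreign uid is an assumption.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define PRIV_DEFAULT     "hal-storage-removable-mount"
#define PRIV_ALL_OPTIONS "hal-storage-removable-mount-all-options"

/* Constructed sample data, not taken from a real device. */
static const char *const VALID[] = { "ro", "sync", "uid=", "utf8" };
static const char *const REQ_OWN[] = { "ro", "uid=502" };
static const char *const REQ_EXTRA[] = { "ro", "suid" };

/* 1 if opt matches the list: exactly, or "name=" followed by a value. */
static int option_is_valid(const char *opt, const char *const *valid, size_t n) {
    for (size_t i = 0; i < n; i++) {
        size_t len = strlen(valid[i]);
        if (len > 0 && valid[i][len - 1] == '=') {
            if (strncmp(opt, valid[i], len) == 0 && opt[len] != '\0')
                return 1;
        } else if (strcmp(opt, valid[i]) == 0) {
            return 1;
        }
    }
    return 0;
}

/* Privilege to check for a mount request coming from caller_uid. */
const char *required_privilege(const char *const *opts, size_t nopts,
        const char *const *valid, size_t nvalid, unsigned long caller_uid) {
    for (size_t i = 0; i < nopts; i++) {
        if (!option_is_valid(opts[i], valid, nvalid))
            return PRIV_ALL_OPTIONS;    /* option outside the valid list */
        if (strncmp(opts[i], "uid=", 4) == 0) {
            char *end;
            unsigned long uid = strtoul(opts[i] + 4, &end, 10);
            /* Assumption: a non-numeric value counts as a foreign uid. */
            if (!isdigit((unsigned char)opts[i][4]) || *end || uid != caller_uid)
                return PRIV_ALL_OPTIONS;
        }
    }
    return PRIV_DEFAULT;
}

int main(void) {
    printf("%s\n%s\n%s\n",
           required_privilege(REQ_OWN, 2, VALID, 4, 502),
           required_privilege(REQ_OWN, 2, VALID, 4, 1000),
           required_privilege(REQ_EXTRA, 2, VALID, 4, 502));
    return 0;
}
```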