[gvfs] Use /run/media/$USER instead of $XDG_RUNTIME_DIR/media

From: David Zeuthen <davidz src gnome org>
To: commits-list gnome org
Cc:
Subject: [gvfs] Use /run/media/$USER instead of $XDG_RUNTIME_DIR/media
Date: Wed, 22 Feb 2012 22:15:46 +0000 (UTC)
commit 6307d017a12642e71ba2f04e82fc3781425a3eb6
Author: David Zeuthen <davidz redhat com>
Date:   Wed Feb 22 17:12:44 2012 -0500

    Use /run/media/$USER instead of $XDG_RUNTIME_DIR/media
    
    This is because of security concerns - it is way too dangerous to let
    a system-daemon such as udisks manage directories in a user-controlled
    location such as $XDG_RUNTIME_DIR. So now udisks2 is using
    /run/media/$USER instead, see
    
     http://cgit.freedesktop.org/udisks/commit/?id=aa02e5fc53efdeaf66047d2ad437ed543178965b
    
    These bugs are related
    
     https://bugzilla.gnome.org/show_bug.cgi?id=669797
     https://bugzilla.gnome.org/show_bug.cgi?id=646391
    
    Signed-off-by: David Zeuthen <davidz redhat com>

 monitor/udisks2/gvfsudisks2volumemonitor.c |   21 +++++++++++----------
 monitor/udisks2/what-is-shown.txt          |    7 +++----
 2 files changed, 14 insertions(+), 14 deletions(-)
---
diff --git a/monitor/udisks2/gvfsudisks2volumemonitor.c b/monitor/udisks2/gvfsudisks2volumemonitor.c
index ae3711c..58d121c 100644
--- a/monitor/udisks2/gvfsudisks2volumemonitor.c
+++ b/monitor/udisks2/gvfsudisks2volumemonitor.c
@@ -604,6 +604,8 @@ should_include (const gchar *mount_path,
 {
   gboolean ret = FALSE;
   const gchar *home_dir = NULL;
+  const gchar *user_name;
+  gsize user_name_len;
 
   g_return_val_if_fail (mount_path != NULL, FALSE);
 
@@ -634,7 +636,7 @@ should_include (const gchar *mount_path,
   /* Only display things in
    * - /media; and
    * - $HOME; and
-   * - $XDG_RUNTIME_DIR
+   * - /run/media/$USER
    */
 
   /* Hide mounts within a subdirectory starting with a "." - suppose it was a purpose to hide this mount */
@@ -659,16 +661,15 @@ should_include (const gchar *mount_path,
         }
     }
 
-  /* Check runtime dir */
-  if (g_getenv ("XDG_RUNTIME_DIR") != NULL)
+  /* Check /run/media/$USER/ */
+  user_name = g_get_user_name ();
+  user_name_len = strlen (user_name);
+  if (strncmp (mount_path, "/run/media/", sizeof ("/run/media/") - 1) == 0 &&
+      strncmp (mount_path + sizeof ("/run/media/") - 1, user_name, user_name_len) == 0 &&
+      mount_path[sizeof ("/run/media/") - 1 + user_name_len] == '/')
     {
-      const gchar *run_dir = g_get_user_runtime_dir ();
-      if (g_str_has_prefix (mount_path, run_dir) &&
-          strncmp ("/media/", mount_path + strlen (run_dir), sizeof ("/media/") - 1) == 0)
-        {
-          ret = TRUE;
-          goto out;
-        }
+      ret = TRUE;
+      goto out;
     }
 
  out:
diff --git a/monitor/udisks2/what-is-shown.txt b/monitor/udisks2/what-is-shown.txt
index 409ecf0..91d933c 100644
--- a/monitor/udisks2/what-is-shown.txt
+++ b/monitor/udisks2/what-is-shown.txt
@@ -20,10 +20,9 @@ with, or if not mounted, the options from its /etc/fstab entry, if
 any.
 
 If the directory for a device is known and outside /media, $HOME
-(typically /home/foo) or $XDG_RUNTIME_DIR/media (typically
-/run/user/foo/media) then the device is not shown in the user
-interface. Additionally, if any of component directories in its
-directory starts with a dot ("."), the device is not shown
+(typically /home/foo) or /run/media/$USER then the device is not shown
+in the user interface. Additionally, if any of component directories
+in its directory starts with a dot ("."), the device is not shown
 either. This policy may be overriden by use of the options x-gvfs-show
 and x-gvfs-hide.
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]