Re: hal privileges [was: Re: [Utopia] gnome-mount 0.3 is out]
- From: Richard Hughes <hughsient gmail com>
- To: Martin Pitt <martin piware de>
- Cc: Kay Sievers <kay sievers vrfy org>, utopia-list gnome org, Jeff Waugh <jdub perkypants org>
- Subject: Re: hal privileges [was: Re: [Utopia] gnome-mount 0.3 is out]
- Date: Thu, 12 Jan 2006 12:22:24 +0000
On Thu, 2006-01-12 at 12:59 +0100, Martin Pitt wrote:
<snip>
> (who still does not understand why everybody else seems to ignore
> dbus' wonderful way of separating privileges with dbus services and
> instead uses the old centralized daemon way.)
Martin, do you mean like this:
<!-- Default policy for the exported interfaces -->
<policy context="default">
<deny
send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/>
<deny send_interface="org.freedesktop.Hal.Device.LaptopPanel"/>
<deny send_interface="org.freedesktop.Hal.Device.Volume"/>
<deny send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/>
</policy>
<!-- This will not work if pam_console support is not enabled -->
<policy at_console="true">
<allow
send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/>
<allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/>
</policy>
<!-- You can change this to a more suitable user, or make per-group
-->
<policy user="0">
<allow
send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/>
<allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/>
</policy>
Or am I missing the point?
Richard.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
