Hi, 2006 m. gruodis 14 d., ketvirtadienis 21:01, Marco d'Itri rašė: > I don't, I believe that pmount is buggy and this is a security hole. > While you can be pretty much sure that every USB and firewire device is > removable, the same is not true for MMC devices. > > This is also related to #402649 (which I am not actually sure is a > regression, I do not remember special-casing USB block devices in the > past). HAL seems to do the same (hald/linux/blockdev.c:894):
} else if (strcmp (bus, "mmc") == 0) { ... is_hotpluggable = TRUE; ... break; } You might be right about such assumption being a security hole, however Debian etch will be released with pmount and HAL, which follow such policy, but are not considered RC buggy. Why is udev involved here? Incorrect permissions prevent a user to format removable media (no workaround) and in KDE mediamanager case, to eject the device since mediamanager uses /usr/bin/eject binary (which is run as effective user) directly. However, I'll do my best to workaround this limitation by implementing eject via HAL action (then HAL starts 'eject' as root so no permission problem; only HAL policy is followed).
pgp3PVOp3Dfw5.pgp
Description: PGP signature