From 9209f79c8e7e300795d33cd6fd813813e0d7fcb6 Mon Sep 17 00:00:00 2001 From: David Zeuthen Date: Sun, 1 Jun 2008 16:07:33 -0400 Subject: [PATCH] remove ability to use privileged mount options People who wants this are advised to use /etc/fstab - as of commit 1aeeb7b6ec2236f20eef2281e30786266098e29e, FilesystemMount() and FilesystemUnmount() will attempt to mount as the calling user if the device is referenced in /etc/fstab. --- policy/Makefile.am | 5 +- ...edesktop.devicekit.disks.mount-option.policy.in | 62 ---------------------- src/devkit-disks-device.c | 57 +------------------- 3 files changed, 4 insertions(+), 120 deletions(-) delete mode 100644 policy/org.freedesktop.devicekit.disks.mount-option.policy.in diff --git a/policy/Makefile.am b/policy/Makefile.am index 5bbc144..2ef81d5 100644 --- a/policy/Makefile.am +++ b/policy/Makefile.am @@ -2,8 +2,7 @@ devkit_policydir = $(datadir)/PolicyKit/policy dist_devkit_policy_DATA = \ - org.freedesktop.devicekit.disks.policy \ - org.freedesktop.devicekit.disks.mount-option.policy + org.freedesktop.devicekit.disks.policy @INTLTOOL_POLICY_RULE@ @@ -11,7 +10,7 @@ check: polkit-policy-file-validate $(dist_devkit_policy_DATA) clean-local : - rm -f *~ + rm -f *~ *.policy DISTCLEANFILES = $(dist_devkit_policy_DATA) diff --git a/policy/org.freedesktop.devicekit.disks.mount-option.policy.in b/policy/org.freedesktop.devicekit.disks.mount-option.policy.in deleted file mode 100644 index 2d15d07..0000000 --- a/policy/org.freedesktop.devicekit.disks.mount-option.policy.in +++ /dev/null 
@@ -1,62 +0,0 @@ - - - - - - - - The DeviceKit Project - http://hal.freedesktop.org/docs/DeviceKit/ - drive-removable-media - - - <_description>vfat uid option - <_message>Usage of the uid mount option requires privileges - - no - no - auth_admin_keep_always - - - - - <_description>vfat gid option - <_message>Usage of the gid mount option requires privileges - - no - no - auth_admin_keep_always - - - - - <_description>suid option - <_message>Usage of the suid mount option requires privileges - - no - no - auth_admin - - - - - <_description>dev option - <_message>Usage of the dev mount option requires privileges - - no - no - auth_admin - - - - diff --git a/src/devkit-disks-device.c b/src/devkit-disks-device.c index 36acf2f..f2a50c8 100644 --- a/src/devkit-disks-device.c +++ b/src/devkit-disks-device.c @@ -2864,12 +2864,8 @@ static const char *vfat_allow[] = {"utf8", "dmask=", "fmask=", "codepage=", + "iocharset=", NULL}; -static const FSRestrictedMountOption vfat_restricted[] = { - {"uid=", "org.freedesktop.devicekit.disks.mount-option.vfat-uid"}, - {"gid=", "org.freedesktop.devicekit.disks.mount-option.vfat-gid"}, - {NULL, NULL}, -}; static const char *vfat_allow_uid_self[] = {"uid=", NULL}; static const char *vfat_allow_gid_self[] = {"gid=", NULL}; @@ -2890,14 +2886,8 @@ static const char *any_allow[] = {"exec", "dirsync", NULL}; -static const FSRestrictedMountOption any_restricted[] = { - {"suid", "org.freedesktop.devicekit.disks.mount-option.suid"}, - {"dev", "org.freedesktop.devicekit.disks.mount-option.dev"}, - {NULL, NULL}, -}; - static const FSMountOptions fs_mount_options[] = { - {"vfat", vfat_defaults, vfat_allow, vfat_allow_uid_self, vfat_allow_gid_self, vfat_restricted}, + {"vfat", vfat_defaults, vfat_allow, vfat_allow_uid_self, vfat_allow_gid_self}, }; /* ------------------------------------------------ */ 
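Review bot: The added `"iocharset=",` entry in `vfat_allow` widens what an unprivileged caller may pass, while the commit message only describes removing privileged options, so it belongs in its own commit or at least in the description. Entries ending in `=` look like they are matched by prefix, as the removed restricted loops in the last hunk did with `strncmp`, which would accept any text after `iocharset=`. The allow-list loop is outside this diff, so confirm that the value is validated there and that an option containing `,` is rejected before the options are joined for mount. A comment beside the entry, `/* value is caller-controlled; must not contain ',' */`, would record the requirement.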
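Review bot: The `fs_mount_options` entry now ends at `vfat_allow_gid_self`, but the diffstat's 57 changed lines for this file are all accounted for by the three visible hunks, so the `FSRestrictedMountOption` typedef and the `restricted` member of `FSMountOptions` appear to stay in the file. The member is then implicitly NULL for every entry, and any remaining or future loop over `fsmo->restricted[n]` would dereference a null pointer. Remove the typedef and the member in the same commit, or mark the member `/* unused, always NULL */` until it is removed.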
@@ -3065,49 +3055,6 @@ is_mount_option_allowed (const FSMountOptions *fsmo, } } - /* .. and finally check the mount options that requires authorization */ - if (fsmo != NULL) { - for (n = 0; fsmo->restricted[n].mount_option != NULL; n++) { - const char *r_mount_option = fsmo->restricted[n].mount_option; - const char *r_authorization_needed = fsmo->restricted[n].authorization_needed; - ep = strstr (r_mount_option, "="); - if (ep != NULL && ep[1] == '\0') { - ep_len = ep - r_mount_option + 1; - if (strncmp (r_mount_option, option, ep_len) == 0) { - allowed = TRUE; - *auth_needed = r_authorization_needed; - goto out; - } - } else { - if (strcmp (r_mount_option, option) == 0) { - allowed = TRUE; - *auth_needed = r_authorization_needed; - goto out; - } - } - } - } - for (n = 0; any_restricted[n].mount_option != NULL; n++) { - const char *r_mount_option = any_restricted[n].mount_option; - const char *r_authorization_needed = any_restricted[n].authorization_needed; - ep = strstr (r_mount_option, "="); - if (ep != NULL && ep[1] == '\0') { - ep_len = ep - r_mount_option + 1; - if (strncmp (r_mount_option, option, ep_len) == 0) { - allowed = TRUE; - *auth_needed = r_authorization_needed; - goto out; - } - } else { - if (strcmp (r_mount_option, option) == 0) { - allowed = TRUE; - *auth_needed = r_authorization_needed; - goto out; - } - } - } - - out: return allowed; } -- 2.7.4
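Review bot: With both restricted loops gone, nothing in the visible remainder of is_mount_option_allowed assigns `*auth_needed`, so the out-parameter and any authorization check callers base on it look like dead code. The function starts outside this hunk, so confirm it still sets `*auth_needed = NULL;` before returning. `suid`, `dev` and `uid=`/`gid=` values other than the caller's (judging by `vfat_allow_uid_self`) are now refused only because no list matches them, which relies on `allowed` starting as FALSE above the hunk. A comment before the return, `/* suid, dev and foreign uid=/gid= are intentionally not allowed; use /etc/fstab */`, would make the fail-closed intent explicit. The collapsed text leaves unclear whether the `out:` label was removed; if it was kept, check that a `goto out` remains so the label is not unused.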