Red Hat Bugzilla – Bug 182352
HAL allows non-privileged console user to circumvent system policy
Last modified: 2013-03-13 00:49:56 EDT
Description of problem:
HAL allows non-privileged console user to circumvent system policy by allowing
mounting of devices that the administrator put in /etc/fstab
HAL should refuse Mount() methods on devices specifically listed in /etc/fstab.
I've got a fix for this in HAL CVS. As I'm the upstream developer I also urge
upgrading to a new release for FC5Final rather soon as other important (though
not security critical) bugs have been fixed. I will do a hal 0.5.7 release later
I am marking this as a FC5 blocker bug.