Description of problem: HAL allows non-privileged console user to circumvent system policy by allowing mounting of devices that the administrator put in /etc/fstab Expected results: HAL should refuse Mount() methods on devices specifically listed in /etc/fstab. Additional info: I've got a fix for this in HAL CVS. As I'm the upstream developer I also urge upgrading to a new release for FC5Final rather soon as other important (though not security critical) bugs have been fixed. I will do a hal 0.5.7 release later this week. I am marking this as a FC5 blocker bug.