diff -up hal-0.5.13/hal.conf.in.drop-polkit hal-0.5.13/hal.conf.in --- hal-0.5.13/hal.conf.in.drop-polkit 2009-02-04 17:07:23.000000000 -0500 +++ hal-0.5.13/hal.conf.in 2009-07-29 23:15:16.866766074 -0400 @@ -25,7 +25,41 @@ send_interface="org.freedesktop.Hal.Device"/> <allow send_destination="org.freedesktop.Hal" send_interface="org.freedesktop.Hal.Manager"/> + </policy> + + <!-- Only allow users at the local console to manipulate devices --> + <policy at_console="true"> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.CPUFreq"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.DockStation"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.KillSwitch"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.KeyboardBacklight"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.LaptopPanel"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.Leds"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.LightSensor"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.Storage"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.Storage.Removable"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.Volume"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.WakeOnLan"/> + + </policy> + <!-- well,...and root too --> + <policy user="root"> <allow send_destination="org.freedesktop.Hal" send_interface="org.freedesktop.Hal.Device.CPUFreq"/> <allow send_destination="org.freedesktop.Hal"