Comment 3 for bug 432542

Martin Pitt (pitti) wrote :

I'm reviewing

  http://bazaar.launchpad.net/%7Eusb-creator-hackers/usb-creator/trunk/revision/201

for this.

The default PK policy for the "bootloader", "format", etc. methods is "yes", i.e. it will silently do that without authentication dialogs. The D-Bus methods allow you to specify an arbitrary device, and call syslinux/devicekit without further checks. Since the usb-creator backend runs as root, this circumvents the existing dk-disks checks. Apps shouldn't maliciously or accidentally be able to reformat/change internal disks.

Either you need to call the dk-disks stuff as normal user from the client side, and thus get the existing DK-disks policy checks (which might be a bit tricky since you also need to call syslinux etc.), or you need to mirror DK-disks' checks for removable devices, or you need to change the default policy to auth_admin_keep.

Otherwise the changes are primarily moving existing code around into the new D-Bus wrapper.

If the policy checks get fixed, this looks fine to me, since it also helps to get rid of gksu.
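
An added example, not part of the comment above and not usb-creator's or DK-disks' code: one way a root helper could refuse non-removable devices before acting on a caller-supplied path, as in the second option the comment lists. The function names, the sd-style naming restriction and the use of the kernel's sysfs `removable` attribute as the signal are all assumptions of this sketch.

```python
import os
import re
import tempfile

class DeviceRejected(Exception):
    """The root helper must not operate on the requested device."""

# Assumption: sd-style names only (/dev/sdb, /dev/sdb1); anything else is refused.
_DEV_RE = re.compile(r"/dev/(sd[a-z]+)(\d*)")

def require_removable(device, sysfs_root="/sys"):
    """Return the whole-disk name if `device` is on a removable disk, else raise."""
    # fullmatch rejects traversal ("/dev/../dev/sdb") and trailing newlines.
    m = _DEV_RE.fullmatch(device)
    if m is None:
        raise DeviceRejected("unrecognised device path: %r" % (device,))
    disk, part = m.groups()
    disk_dir = os.path.join(sysfs_root, "block", disk)
    # A partition must actually exist under its parent disk.
    if part and not os.path.isdir(os.path.join(disk_dir, disk + part)):
        raise DeviceRejected("no such partition: %s" % device)
    try:
        with open(os.path.join(disk_dir, "removable")) as f:
            removable = f.read().strip()
    except OSError:
        raise DeviceRejected("no such block device: %s" % device) from None
    if removable != "1":
        raise DeviceRejected("%s is not removable; refusing" % device)
    return disk

def make_sample_sysfs(root):
    """Constructed sample tree: sda is internal, sdb (with sdb1) is removable."""
    for disk, flag, part in (("sda", "0", "sda1"), ("sdb", "1", "sdb1")):
        os.makedirs(os.path.join(root, "block", disk, part))
        with open(os.path.join(root, "block", disk, "removable"), "w") as f:
            f.write(flag + "\n")
    return root

if __name__ == "__main__":
    root = make_sample_sysfs(tempfile.mkdtemp())
    for dev in ("/dev/sdb1", "/dev/sda", "/dev/../dev/sdb"):
        try:
            print(dev, "-> allowed, disk", require_removable(dev, root))
        except DeviceRejected as exc:
            print(dev, "-> rejected:", exc)
```

The sysfs flag describes removable media, so USB hard disks can report 0 and would be refused by this check.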