Access Control

Access to hardware by unprivileged users is traditionally granted in one of two ways: either by granting access to the special device file, or by allowing access through another process that acts on behalf of the user over IPC. HAL follows the latter model and uses the system-wide message bus (D-Bus) as the IPC mechanism. In addition, HAL has support for modifying the ACLs (access control lists) on a device file to grant/revoke access to users based on several criteria.

Device Files

If HAL is built with --enable-acl-management (requires both --enable-console-kit and --enable-policy-kit) then ACLs on device objects with the capability access_control are automatically managed according to the properties defined in . In addition, for this configuration, HAL ships with a device information file (normally installed in /usr/share/hal/fdi/policy/10osvendor/20-acl-management.fdi) that merges this capability on device objects that are normally accessed by unprivileged users through the device file. This includes e.g. sound cards, webcams and other devices, but excludes drives and volumes, as the latter two are normally accessed by a user through mounting them into the file system.

HAL uses PolicyKit to decide which users should have access according to the PolicyKit configuration; see the PolicyKit privilege definition file /usr/share/PolicyKit/policy/org.freedesktop.hal.device-access.policy on a system with HAL installed for the default access suggested by the HAL package and/or OS vendor.

In addition, 3rd party packages can supply device information files to specify (via the access_control.grant_user and access_control.grant_group properties) that a given user or group should always have access to a device file. This is useful for system-wide software (such as AV streaming management) that runs as an unprivileged system user. This interface is supposed to be stable so 3rd party packages can depend on it.
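Because a grant made through access_control.grant_user or access_control.grant_group always applies, it is worth knowing which installed device information files contain one. The following Python script is an added example, not code from HAL or its documentation: it lists every such grant in an FDI document together with the match conditions that scope it. The sample FDI, the user name avstream, the group audio and the function name are constructed for illustration, and the strlist type on the grant properties is an assumption.

```python
import xml.etree.ElementTree as ET

GRANT_KEYS = ("access_control.grant_user", "access_control.grant_group")

# Constructed sample of a third-party device information file (not shipped
# by HAL). The principals "avstream" and "audio" are hypothetical.
SAMPLE_FDI = """<deviceinfo version="0.2">
  <device>
    <match key="info.capabilities" contains="access_control">
      <match key="access_control.type" string="video4linux">
        <append key="access_control.grant_user" type="strlist">avstream</append>
      </match>
      <match key="access_control.type" string="sound">
        <append key="access_control.grant_group" type="strlist">audio</append>
        <merge key="info.product" type="string">unrelated</merge>
      </match>
    </match>
  </device>
</deviceinfo>
"""

def find_static_grants(fdi_text):
    """Return (property, principal, match-conditions) for every static grant."""
    root = ET.fromstring(fdi_text)
    grants = []

    def walk(node, conditions):
        for child in node:
            if child.tag == "match":
                # Record the key plus its comparison attribute, e.g. string=sound.
                cond = ", ".join(f"{k}={v}" for k, v in child.attrib.items())
                walk(child, conditions + [cond])
            elif child.tag in ("merge", "append") and child.get("key") in GRANT_KEYS:
                principal = (child.text or "").strip()
                grants.append((child.get("key"), principal, tuple(conditions)))
            else:
                walk(child, conditions)

    walk(root, [])
    return grants

if __name__ == "__main__":
    for prop, principal, conds in find_static_grants(SAMPLE_FDI):
        print(f"{prop}: {principal!r} when " + " AND ".join(conds))
```

A grant with few or no enclosing match conditions applies to a broad set of device files and deserves the closest review.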
Device Files policies

This is a list of the device file policies/rules delivered with the HAL package to manage ACLs as defined via access_control.type, and the current default PolicyKit policies for inactive and active users.

| Type | Description | allow_inactive | allow_active |
|---|---|---|---|
| audio-player | Directly access audio players. | no | yes |
| camera | Directly access digital cameras. | no | yes |
| cdrom | Directly access optical drives. | yes | yes |
| dvb | Directly access DVB devices. | no | yes |
| fingerprint-reader | Directly access to fingerprint reader devices. | no | yes |
| floppy | Directly access Floppy devices. | yes | yes |
| ieee1394-avc | Directly access Firewire AVC devices. | no | yes |
| ieee1394-iidc | Directly access Firewire IIDC devices. | no | yes |
| smart-card-reader | Directly access Smart Card Reader security devices. | no | yes |
| joystick | Directly access Joystick devices. | yes | yes |
| modem | Directly access serial modem devices. | auth_admin_keep_always | auth_admin_keep_always |
| mouse | Directly access Mouse (input) devices | yes | yes |
| obex | Directly access OBEX devices. | no | yes |
| pda | Directly access PDA devices. | no | yes |
| ppdev | Directly access parallel port devices. | auth_admin_keep_always | auth_admin_keep_always |
| printer | Directly access printer devices. | no | yes |
| removable-block | Directly access removable block devices. | no | no |
| scanner | Directly access scanners. | no | yes |
| sound | Directly access sound devices. | no | yes |
| video | Directly access Video devices. | yes | yes |
| video4linux | Directly access video capture devices. | no | yes |

D-Bus Interfaces

If HAL is built without ConsoleKit support (e.g. without --enable-console-kit), access to the various D-Bus interfaces that provide mechanisms is only protected by the D-Bus security configuration files (e.g. using at_console to restrict access to the console user on Red Hat systems) and, in certain cases, restricted to the super user. If ConsoleKit support is enabled, access to D-Bus interfaces is currently hardcoded to only allow active users at the system console.

If PolicyKit support is enabled, the PolicyKit library will be in charge of determining access; see the PolicyKit privilege definition files in /etc/PolicyKit/privileges on a system with HAL installed for the default access suggested by the HAL package and/or OS vendor.