From 77cb7deca1243e1a1dfe1abfc45b1976308d9a2e Mon Sep 17 00:00:00 2001
From: Antoine Jacoutot <ajacoutot@openbsd.org>
Date: Wed, 23 Jan 2019 04:33:18 +0100
Subject: [PATCH] Make sure the user is active, local and actually owner of the
 mount point.

---
 toad.pl | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/toad.pl b/toad.pl
index a17d998..985dcb9 100644
--- a/toad.pl
+++ b/toad.pl
@@ -122,7 +122,9 @@ sub create_pkrule {
 	print PKRULE "  if (action.id == \"org.freedesktop.policykit.exec\" &&\n";
 	print PKRULE "    action.lookup(\"program\") == \"/sbin/umount\" &&\n";
 	print PKRULE "    action.lookup(\"command_line\") == \"/sbin/umount $mountbase/$login/$devtype$devnum\") {\n";
-	print PKRULE "    return polkit.Result.YES;\n";
+	print PKRULE "    if (subject.local && subject.active && subject.user == \"$login\") {\n";
+	print PKRULE "      return polkit.Result.YES;\n";
+	print PKRULE "    }\n";
 	print PKRULE "  }\n";
 	print PKRULE "});\n";