PolicyKit confusion

[Da Rock]

This is doing my head in. I'm trying to get my head around hal, dbus, 
and PolicyKit, and I've made some inroads on the basics, but I cannot 
get a few things happening.

One: I managed to get network:/// smb shares working in say nautilus 
(not that I've specifically mounted one- not a windows in sight here 
thank god!), but I was hoping for NFS shares to show up. I also got the 
usb disk to show up as a 'place' but when I access it I get permissions 
issues. This is what I'm hung up on.

I checked out /media/hal-* and I see that the mount occurs only as root. 
How do I change that exactly? I need it showing for operator group. I've 
searched high and low and googled my brains out, but anything remotely 
related is for linux and udev.

Two: a big thing I've noticed here on google, lists, whatever is a 
confusion related to the 'define_admin_auth' group. Some are saying it 
is a security risk to have an average user access this area, and others 
are just opening it up. I'm with the former, unless I can be convinced 
otherwise. Can anyone provide some clarity to this issue? What precisely 
is the capabilties of the 'admin_auth' group?

Cheers