Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign upUSB mouse works without approval #2491
Comments
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment
Hide comment
andrewdavidwong
added
the
C: other
label
Dec 6, 2016
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment
Hide comment
marmarek
Dec 6, 2016
Member
On Tue, Dec 06, 2016 at 03:35:38AM -0800, Andrew David Wong wrote:
I think enabling mouse input by default if the user opts to create a USB qube is an intentional design decision related to issue #1930. Is that right, @marmarek?
By default policy is set to 'ask'. I think either USB VM is not enabled
at all (and device is indeed in dom0 directly), or you clicked "yes to
all", which save the decision and do not ask on further occasions (about
the mouse connected to sys-usb, other services or other VMs should still
result in prompt dialog).
…--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
|
On Tue, Dec 06, 2016 at 03:35:38AM -0800, Andrew David Wong wrote:
I think enabling mouse input by default if the user opts to create a USB qube is an intentional design decision related to issue #1930. Is that right, @marmarek?
By default policy is set to 'ask'. I think either USB VM is not enabled
at all (and device is indeed in dom0 directly), or you clicked "yes to
all", which save the decision and do not ask on further occasions (about
the mouse connected to sys-usb, other services or other VMs should still
result in prompt dialog).
…--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
|
andrewdavidwong
added
the
notanissue
label
Dec 7, 2016
andrewdavidwong
closed this
Dec 7, 2016
shunju
referenced this issue
Mar 19, 2018
Open
Inconsistent handling of USB input devices (mouse and keyboard) #3722
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
starius commentedDec 6, 2016
Qubes OS version:
R3.2.When I plugged in my USB mouse, it became usable without any approval from me. I think, it smells like a security problem. I have not tested a keyboard, but if it works in the same manner, it is even worse. A malicious USB device can pretend to be a mouse and tamper user's activity in dom0 (e.g., open Qubes VM manager or some application, reboot physical machine).
Note: if the OS requested an approval for all USB devices, there would be a chicken-and-egg problem with requesting an approval for a keyboard if there is only one keyboard and it is the USB keyboard in question. It can be solved by pre-approving some devices during the installation (explicitly asking a user to choose which devices to trust).