allow qubes.InputKeyboard by default in sys-usb salt #3126

Closed
adrelanos opened this Issue Sep 27, 2017 · 1 comment

adrelanos commented Sep 27, 2017

https://github.com/QubesOS/qubes-mgmt-salt-dom0-virtual-machines/blob/master/qvm/sys-usb.sls does

sys-usb-input-proxy:
  file.prepend:
    - name: /etc/qubes-rpc/policy/qubes.InputMouse
    - text: sys-usb dom0 allow,user=root
    - require:
      - pkg:       qubes-input-proxy

Wouldn't it make sense to also add...

  file.prepend:
    - name: /etc/qubes-rpc/policy/qubes.InputKeyboard
    - text: sys-usb dom0 allow,user=root
    - require:
      - pkg:       qubes-input-proxy

...?

Why only allow mouse but not keyboard? For security reasons?

A mouse is as good as a keyboard when scripted. Mouse actions required for an attack could be recorded and replayed. (There are applications for mouse automation.) Letters can be copied. Well, there is no enter key? But then a virtual keyboard should better not be installed? Or I guess there is also another way to use a mouse to get the same action as enter?

Unless I am missing something (quite possible), if mouse is allowed, keyboard should as well.

marmarek commented Sep 27, 2017

The main point is you can't unlock the screen with only a mouse. So, if the user is away, it can do nothing. But if the user is there, he/she will probably notice the attack. See the explanation here: https://www.qubes-os.org/doc/usb/#security-warning-about-usb-input-devices

This is also one of the reasons why the installer refuses to create sys-usb when you use a USB keyboard.
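
Added example, not part of the issue thread or of the Qubes code base: a small auditor that evaluates policy text in the `source target action[,param=value]` format quoted above with first-match semantics, which is why the salt state uses `file.prepend`, and flags an unattended `allow` for `qubes.InputKeyboard`. The function names and the sample policy texts are constructed for illustration; only literal VM names and `$anyvm` are handled.

```python
# Added example: first-match evaluation of legacy Qubes RPC policy text.
# Simplification (assumption): only literal names and $anyvm are matched,
# and $anyvm is treated as matching any target, dom0 included.
ANY = "$anyvm"

def parse_policy(text):
    """Return [(source, target, action, params)] in file order."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 3:
            raise ValueError(f"malformed policy line: {raw!r}")
        action, *opts = "".join(fields[2:]).split(",")
        params = dict(opt.split("=", 1) for opt in opts if "=" in opt)
        rules.append((fields[0], fields[1], action, params))
    return rules

def decide(text, source, target):
    """The first matching rule wins; no match at all means deny."""
    for src, dst, action, params in parse_policy(text):
        if src in (source, ANY) and dst in (target, ANY):
            return action, params
    return "deny", {}

def audit_input_services(policies, source="sys-usb", target="dom0"):
    """Map service -> (action, user, flagged). A keyboard 'allow' is flagged
    because, per the reply above, a keyboard can unlock the screen."""
    report = {}
    for service, text in policies.items():
        action, params = decide(text, source, target)
        flagged = service == "qubes.InputKeyboard" and action == "allow"
        report[service] = (action, params.get("user"), flagged)
    return report

# Constructed sample policy contents (not copied from a real system).
SAMPLE = {
    "qubes.InputMouse": "sys-usb dom0 allow,user=root\n$anyvm $anyvm deny\n",
    "qubes.InputKeyboard": "# constructed\nsys-usb dom0 ask\n$anyvm $anyvm deny\n",
}

if __name__ == "__main__":
    for service, result in audit_input_services(SAMPLE).items():
        print(service, result)
```

Because evaluation stops at the first match, an `allow` line placed after `$anyvm $anyvm deny` has no effect, while the same line prepended takes over the decision.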
