Unrestricted access to /dev/ttyUSB* vulnerability #1796
Comments
|
Would this work across distro? Many users are already suffering from being unable to access their USB devices due to all the restrictions and we don't want to make the users suffer unnecessarily. |
I don't know. I guess it should work on any distro with standard systemd configuration but can't test it. I have libindi installed as a dependency for another package. Anyway, letting to know about security issue is better than staying silent.
On another hand, allowing all users to access USB devices is a rude solution, i think. Let users manage access to devices on their systems. |
|
This issue has been inactive for 60 days and is being marked as stale. |
|
This issue has been closed due to inactivity. |
drivers/auxiliary/99-indi_auxiliary.rulessets mode0666for many popular USB-to-serial adapters. It allows any user to access any/dev/ttyUSB*unrestrictedly in most cases, regardless ofuucpgroup membership and device purpose. This is security vulnerability.Possible solution is to change
MODE="0666"toTAG+="uaccess". Probably also need to change99prefix in99-indi_auxiliary.rulesto move it before73-seat-late.rules.The text was updated successfully, but these errors were encountered: