summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHans de Goede <hdegoede@redhat.com>2012-12-20 21:52:17 +0100
committerHans de Goede <hdegoede@redhat.com>2012-12-20 21:57:24 +0100
commit48b7acd5740a5524dd6d151d6bfc5978ae518c1e (patch)
tree73e338a18c1efab4da05d6e38ba592b4e71802a2
parent621732a3b666b0d36f8b1c4f4b904923952767bd (diff)
acl-helper policykit policy: Allow redir by default for console users
This makes usb-redir a lot more userfriendly to use. This has been discussed with the security team and they are ok with it, rationale: Since we only set <allow_active> to yes, we only give raw usb access to users *physically present behind the machine*. This is ok since they already have full control over usb devices anyways, they can always just unplug the device and put it in a user controlled machine. This follows how we already grant a great deal of access to users *physically present behind the machine* including dangerous things like /dev/sg access for cd/dvd writers. And raw usb access to all devices which happen to have a userspace driver rather then an in kernel driver. Also the opening up is limited compared to the existing opening up of other devices listed above in that: 1) It will only happen on machines which have spice-glib installed 2) We are not opening up the device nodes rights automatically, as an udev rule would do. So there is no chance that any random app can start (accidentally) poking the devices. Signed-off-by: Hans de Goede <hdegoede@redhat.com>
-rw-r--r--data/org.spice-space.lowlevelusbaccess.policy2
1 files changed, 1 insertions, 1 deletions
diff --git a/data/org.spice-space.lowlevelusbaccess.policy b/data/org.spice-space.lowlevelusbaccess.policy
index 170f5ff..535ee31 100644
--- a/data/org.spice-space.lowlevelusbaccess.policy
+++ b/data/org.spice-space.lowlevelusbaccess.policy
@@ -13,7 +13,7 @@
<message>Privileges are required for low level USB device access (for usb device pass through).</message>
<defaults>
<allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
+ <allow_active>yes</allow_active>
</defaults>
</action>