Johannes Meixner changed bug 938659
What       Removed  Added
CC                  dmitry@roshchin.org, security-team@suse.de
Component  Other    Security

Comment # 41 on bug 938659 from
Dmitry Roshchin,

I did
osc getbinaries openSUSE:Factory android-tools standard i586
and got
android-tools-5.1.1_r8-1.1.i586.rpm
that contains
/usr/lib/udev/rules.d/51-android.rules
--------------------------------------------------------------------------
#egrep -v '^$|^#' /usr/lib/udev/rules.d/51-android.rules

SUBSYSTEM=="usb", ATTR{idVendor}=="0502", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0b05", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="413c", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0489", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="04c5", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="04c5", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="091e", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="201E", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="109b", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0bb4", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="12d1", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="8087", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="24e3", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="2116", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0482", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="17ef", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="1004", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="22b8", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0e8d", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0409", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="2080", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0955", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="2257", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="10a9", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="1d4d", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0471", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="04da", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="05c6", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="1f53", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="04e8", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="04dd", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="054c", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0fce", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0fce", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="2340", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0930", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="19d2", TAG+="uaccess"
--------------------------------------------------------------------------

As far as I see, those rules are wrong in two ways:

1.
They apply unconditionally for all USB devices of those vendors.
When vendors make various kinds of USB devices such unconditioned
rules could cause conflicts with other rules that are intended
for particular kinds of USB devices as in this bug here.

2.
They grant unconditionally for all USB devices of those vendors
normal user access (via TAG+="uaccess") and that could be a
severe security issue but I am not a sufficient security expert
to make an educated statement here. Therefore I change the
Bugzilla component to "security" so that our security team could
have a look.


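An added example, not part of the bug comment or of the android-tools package: a small Python audit that flags udev rules granting "uaccess" on the USB vendor ID alone (the pattern described in point 2) and lists vendor IDs that occur more than once. The set of keys treated as non-narrowing, the function names and the sample rules (including the idProduct value) are assumptions constructed for illustration; line continuations with a trailing backslash are not handled.

```python
import re
from collections import Counter

# One udev token: KEY or KEY{attr}, an operator, and a quoted value.
TOKEN = re.compile(
    r'\s*([A-Z_]+(?:\{[^}]+\})?)\s*(==|!=|\+=|-=|:=|=)\s*"([^"]*)"')
VENDOR_KEYS = {"ATTR{idVendor}", "ATTRS{idVendor}"}
# Assumption for this example: match keys that do not narrow a rule
# below "any USB device of this vendor".
BROAD_KEYS = VENDOR_KEYS | {"SUBSYSTEM", "SUBSYSTEMS", "ACTION"}


def parse_rule(line):
    """Split one rule into (matches, assignments) of (key, op, value)."""
    tokens = TOKEN.findall(line)
    matches = [t for t in tokens if t[1] in ("==", "!=")]
    assigns = [t for t in tokens if t[1] not in ("==", "!=")]
    return matches, assigns


def audit(text):
    """Return (line number, vendor id) for vendor-only uaccess grants."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        matches, assigns = parse_rule(line)
        grants = any(k == "TAG" and v == "uaccess" for k, _, v in assigns)
        vendors = [v.lower() for k, op, v in matches
                   if k in VENDOR_KEYS and op == "=="]
        narrowed = any(k not in BROAD_KEYS for k, _, _ in matches)
        if grants and vendors and not narrowed:
            findings.append((lineno, vendors[0]))
    return findings


def duplicate_vendors(findings):
    """Vendor ids that are granted uaccess by more than one rule."""
    counts = Counter(vendor for _, vendor in findings)
    return sorted(v for v, n in counts.items() if n > 1)


# Constructed sample: lines 2-4 have the form quoted in the comment,
# lines 5-6 are made up to show rules that are not flagged.
SAMPLE = """\
# constructed sample rules
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="04c5", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="04c5", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="201E", ATTR{idProduct}=="0001", TAG+="uaccess"
SUBSYSTEM=="usb", ATTR{idVendor}=="0bb4", SYMLINK+="android"
"""

if __name__ == "__main__":
    found = audit(SAMPLE)
    print(found, duplicate_vendors(found))
```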