[Merge] lp:~xnox/ubuntu/trusty/lxc-android-config/add-generic-rules into lp:ubuntu/lxc-android-config
Dmitrijs Ledkovs
launchpad at surgut.co.uk
Wed Nov 13 09:39:16 UTC 2013
On 13 November 2013 08:00, Martin Pitt <martin.pitt at ubuntu.com> wrote:
> Review: Needs Fixing
>
> What's the purpose of setting owner and group if the permissions are 666 anyway? Is there any way the permissions could be made to not be world-writable, especially for the ttyS*? What do the qemu_* devices do, are these potentially security/robustness relevant?
Well, that's just copy/paste what's done on stock android. Indeed
having them non world-writable would be better, not sure what will
break. qemu_* devices communicate with qemu devices (hypervisor?) and
host OS (adb). Not sure how the attack vector would look like, given
that it is emulator. I'll open a bug to limit the permissions on
these. Since this branch is merged already.
Regards,
Dmitrijs.
--
https://code.launchpad.net/~xnox/ubuntu/trusty/lxc-android-config/add-generic-rules/+merge/192331
Your team Ubuntu branches is subscribed to branch lp:ubuntu/lxc-android-config.
More information about the Ubuntu-reviews
mailing list