Forwarding this message to the linux-hotplug mailing list.
Alan Stern
On Wed, 20 Oct 2010, Xiaofan Chen wrote:
> On Wed, Oct 20, 2010 at 5:54 AM, Peter Stuge <peter@xxxxxxxx> wrote:
> > Tim Roberts wrote:
> >> ACTION=="add", SUBSYSTEM=="usb_device", SYSFS{idVendor}="hhhh", MODE="666"
> >
> > Please note that 666 is never a good mode to use. It means that every
> > user in the system has direct access to the hardware device. In
> > practise it removes all security from the system.
> >
> > Please make use of relevant groups, and use a mode like 660 or
> > ideally only allow a single user access with mode 600.
>
> I think your recommendation is good. Unfortunately
> the default udev rule for libusb device is not
> really following your recommendation.
>
> >From udev 163 release's 50-udev-default.rules.
> # libusb device nodes
> SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", MODE="0664"
>
> I wonder if this is better changed to using the "usb" or "plugdev"
> group and "0660". Then it is quite easy to ask the user to
> add them to the "usb" or "plugdev" group in order to use libusb
> based application as non-root user.
--
To unsubscribe from this list: send the line "unsubscribe linux-hotplug" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
