On Tue, 16.02.10 20:48, Markus Rechberger (mrechberger at gmail.com) wrote: > Lennard, don't spread nonsense around, if you have raw access to a camera there > might be the possibility to update the firmware and damage the device. > If you would have little experience with hardware you should know about that. > Your ACL/libusb restriction won't make this situation better it's > still a security risk. > Although just drop libusb as an example. > > Markus Marcus, then you better run quickly and complain to the udev folks, because they have been shipping udev with libusb devices accessible to console users sine about forever. Just plug in a USB scanner on a reasonably new Linux machine and run "ls -al /dev/bus/usb/*/*". Then, look out for the "+" in the permissions column and run getfacl on that file, and you'll see that the logged in user may access the device node. But all of this has nothing to do with PA. So please go away, and complain elsewhere. Lennart -- Lennart Poettering Red Hat, Inc. lennart [at] poettering [dot] net http://0pointer.net/lennart/ GnuPG 0x1A015CC4
