Bug 819292

Summary: udev rules set insecure permissions
Product: [Fedora] Fedora Reporter: Roman Kagan <rkagan>
Component: android-toolsAssignee: Ivan Afonichev <ivan.afonichev>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 16CC: ivan.afonichev, kolyshkin, maurizio.antillon
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: android-tools-20120510gitd98c87c-1.fc15 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-05-19 06:59:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Roman Kagan 2012-05-06 10:22:34 UTC 
Description of problem:

udev rules file packaged with android-tools consists of rules like this:

SUBSYSTEM=="usb", ATTR{idVendor}=="0502", MODE="0666"

IOW for *any* device with the given vendor ID, its associated device nodes will be world-writable. 

Despite it follows the upstream guidelines at http://developer.android.com/guide/developing/device.html, this is obviously insecure and contradicts the common practice of using ACL to grant access to the current console user via TAG+="uaccess".

Version-Release number of selected component (if applicable):

android-tools-20111220git1b251bd-1.fc16.i686
Comment 1 Fedora Update System 2012-05-10 08:38:51 UTC 
android-tools-20120510gitd98c87c-1.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/android-tools-20120510gitd98c87c-1.fc16
Comment 2 Fedora Update System 2012-05-10 08:38:59 UTC 
android-tools-20120510gitd98c87c-1.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/android-tools-20120510gitd98c87c-1.fc17
Comment 3 Fedora Update System 2012-05-10 08:39:08 UTC 
android-tools-20120510gitd98c87c-1.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/android-tools-20120510gitd98c87c-1.fc15
Comment 4 Fedora Update System 2012-05-10 20:42:10 UTC 
Package android-tools-20120510gitd98c87c-1.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing android-tools-20120510gitd98c87c-1.fc17'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-7645/android-tools-20120510gitd98c87c-1.fc17
then log in and leave karma (feedback).
Comment 5 Fedora Update System 2012-05-19 06:59:28 UTC 
android-tools-20120510gitd98c87c-1.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 6 Fedora Update System 2012-05-19 07:00:29 UTC 
android-tools-20120510gitd98c87c-1.fc15 has been pushed to the Fedora 15 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 7 Fedora Update System 2012-05-26 07:42:37 UTC 
android-tools-20120510gitd98c87c-1.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.