Conversation

It also means it depends on installing the same fastboot udev rules as usual on Linux which annoys me. I had to add that back to grapheneos.org/install/web since I'd deleted it when I copied the CLI installation guide there expecting that it wasn't going to be needed.

grapheneos.org

GrapheneOS web installer

Web-based installer for GrapheneOS, a security and privacy focused mobile OS with Android app compatibility.

Replying to

and

it would be *much* more concerning if it had a SUID binary that can talk to udev.

Replying to

and

Yeah, but originally I expected that WebUSB was a special thing that would use a generic WebUSB driver. I didn't realize it was just normal USB.

Replying to

and

For common USB devices, the udev rules already exist. It's actually quite annoying that it's not more generic. I don't really understand the point of someone having to maintain github.com/M0Rf30/android in order to authorize local users (users physically at a session) to use it.

github.com

GitHub - M0Rf30/android-udev-rules: Android udev rules list aimed to be the most comprehensive on...

Android udev rules list aimed to be the most comprehensive on the net - GitHub - M0Rf30/android-udev-rules: Android udev rules list aimed to be the most comprehensive on the net

Replying to

and

The only reason the Debian package with the udev rules works for current Pixels despite being so out-of-date is that they've kept using the same ids from Nexus devices: github.com/M0Rf30/android It wouldn't work well for most other brands of devices.

github.com

android-udev-rules/51-android.rules at main · M0Rf30/android-udev-rules

Android udev rules list aimed to be the most comprehensive on the net - android-udev-rules/51-android.rules at main · M0Rf30/android-udev-rules

Replying to

and

Needing to teach people to put a file in /etc/udev/rules.d/ is a pretty bad usability issue. It really doesn't make any sense. Needing to authorize a sandboxed app to use a device actually makes sense. The user themselves should be able to use local USB devices... sigh.

Replying to

and

are there any USB devices that would be unwise to expose to anyone in `plugdev`?

Replying to

and

this is a question that deserves a substantial amount of thought and analysis, but I can think of one obvious example immediately: the usb device that the root filesystem is mounted from

Replying to

and

It might as well be accessible to a user with *physical access* though (uaccess). They can take a hammer and smash it and if the OS doesn't have verified boot, they can modify it by plugging it into something else. It's basically just security theater to not have global uaccess.

4:26 AM · Jan 25, 2021Twitter Web App

Replying to

and

right, uaccess vs plugdev actually make a difference here!

Replying to

and

ok, this is where I am dumb, what is uaccess

Show replies

Replying to

and

"anything which runs as my user can write out a suid root file to disk and run it" is... breaking a lot of longstanding assumptions. that might be /fine/ but it deserves, like, a paper at least explaining why?

Replying to

and

... well, i use passwordless sudo

Show replies