From acbab37922d823a9e823bb0d186bada870fa6e0c Mon Sep 17 00:00:00 2001 From: Laurent Bigonville Date: Thu, 13 Feb 2020 11:21:19 +0100 Subject: [PATCH] d/p/udev-rules-creation-add-Debian-specifics.patch: Avoid unprivileged users to be able to read the devices, this is not necessary and could lead to fingerprint images being captured. --- debian/changelog | 5 ++++- .../patches/udev-rules-creation-add-Debian-specifics.patch | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index e5ef0fb7..0c7aed7d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -18,8 +18,11 @@ libfprint (1:1.90.1-1) UNRELEASED; urgency=medium * Update debian/libfprint2.postinst for the new supported readers * debian/gbp.conf: Upstream tags have changed format * debian/control: Bump Standards-Version to 4.5.0 (no further changes) + * d/p/udev-rules-creation-add-Debian-specifics.patch: Avoid unprivileged + users to be able to read the devices, this is not necessary and could lead + to fingerprint images being captured. - -- Laurent Bigonville Thu, 13 Feb 2020 10:59:42 +0100 + -- Laurent Bigonville Thu, 13 Feb 2020 11:19:04 +0100 libfprint (1:1.0-1) unstable; urgency=medium diff --git a/debian/patches/udev-rules-creation-add-Debian-specifics.patch b/debian/patches/udev-rules-creation-add-Debian-specifics.patch index 0bcbb375..59c273f3 100644 --- a/debian/patches/udev-rules-creation-add-Debian-specifics.patch +++ b/debian/patches/udev-rules-creation-add-Debian-specifics.patch @@ -27,7 +27,7 @@ Last-Update: 2020-01-10 + g_print ("SUBSYSTEM==\"usb\", ATTRS{idVendor}==\"%04x\", ATTRS{idProduct}==\"%04x\", ATTRS{dev}==\"*\", ", entry->vid, entry->pid); + if (bl_entry->vid == 0) + g_print ("TEST==\"power/control\", ATTR{power/control}=\"auto\", "); -+ g_print ("MODE=\"0664\", GROUP=\"plugdev\"\n"); ++ g_print ("MODE=\"0660\", GROUP=\"plugdev\"\n"); g_print ("SUBSYSTEM==\"usb\", ATTRS{idVendor}==\"%04x\", ATTRS{idProduct}==\"%04x\", ENV{LIBFPRINT_DRIVER}=\"%s\"\n", entry->vid, entry->pid, cls->full_name); num_printed++;