diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch |
reinit the tree, so we can have metadata
Diffstat (limited to 'sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch')
-rw-r--r-- | sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch b/sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch new file mode 100644 index 000000000000..128ac8ce311b --- /dev/null +++ b/sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch @@ -0,0 +1,23 @@ +Remove spurious \n to fix udev rule generation + +Steven Newbury <steve@snewbury.org.uk>: +libfprint generates 60-fprint-autosuspend.rules for all supported devices, +however there's a spurious \n before the ', MODE="0666"' which results in it +appearing on a new line after the match criteria. At least on current +systemd/udev this results in MODE="0666" being applied unconditionally to all +device nodes. This is an extremely serious security problem and effectively +gives root access to all users simply by having the ebuild emerged. + +https://bugs.gentoo.org/562218 + +--- a/libfprint/fprint-list-udev-rules.c ++++ b/libfprint/fprint-list-udev-rules.c +@@ -74,7 +74,7 @@ + if (num_printed == 0) + printf ("# %s\n", driver->full_name); + +- printf ("SUBSYSTEM==\"usb\", ATTRS{idVendor}==\"%04x\", ATTRS{idProduct}==\"%04x\", ATTRS{dev}==\"*\", TEST==\"power/control\", ATTR{power/control}=\"auto\"\n, MODE=\"0666\"\n", driver->id_table[i].vendor, driver->id_table[i].product); ++ printf ("SUBSYSTEM==\"usb\", ATTRS{idVendor}==\"%04x\", ATTRS{idProduct}==\"%04x\", ATTRS{dev}==\"*\", TEST==\"power/control\", ATTR{power/control}=\"auto\", MODE=\"0666\"\n", driver->id_table[i].vendor, driver->id_table[i].product); + printf ("SUBSYSTEM==\"usb\", ATTRS{idVendor}==\"%04x\", ATTRS{idProduct}==\"%04x\", ENV{LIBFPRINT_DRIVER}=\"%s\"\n", driver->id_table[i].vendor, driver->id_table[i].product, driver->full_name); + num_printed++; + } |