jengelh/virtualbox
SHA256
1
0
Fork 0
forked from pool/virtualbox
Code Pull Requests Activity
af26c92399
virtualbox/vbox-usb-warning.diff
Larry Finger af26c92399 - Revise warning screen concerning USB passthru - fixes bnc#1041137. 
USB passthru opens a security hole, yet it is so valuable that many users want the feature, thus it is our default.
  Previously, a user needed to edit a udev rule to disable passthru. The bad part was that an update of VB changed the
  rule back to allow passthru without any notification. These changes modify the popup to allow the user to accept or decline
  passthru. If the user declines, then the root password is requested and the udev rule is modified. As these modifications will be
  lost with the next VB update, the inode of the udev rule is kept. If the user has previously declined and the inode has changed,
  the popup will show the next time VB is started. File "fix_usb_rules.sh" is added.

OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=336
2017-06-08 22:26:55 +00:00

82 lines
3.2 KiB
Diff
Raw Blame History

Index: VirtualBox-5.1.22/src/apps/Makefile.kmk
===================================================================
--- VirtualBox-5.1.22.orig/src/apps/Makefile.kmk
+++ VirtualBox-5.1.22/src/apps/Makefile.kmk
@@ -31,5 +31,7 @@ endif
include $(PATH_SUB_CURRENT)/VBoxPermissionMessage/Makefile.kmk
+include $(PATH_SUB_CURRENT)/VBoxUSB_DevRules/Makefile.kmk
+
include $(FILE_KBUILD_SUB_FOOTER)
Index: VirtualBox-5.1.22/src/apps/VBoxUSB_DevRules/Makefile.kmk
===================================================================
--- /dev/null
+++ VirtualBox-5.1.22/src/apps/VBoxUSB_DevRules/Makefile.kmk
@@ -0,0 +1,33 @@
+# $Id: Makefile.kmk 28800 2010-04-27 08:22:32Z vboxsync $
+## @file
+#
+# VBoxUSB_DevRules is wrapper for suse users
+#
+# This file is part of VirtualBox Open Source Edition (OSE), as
+# available from http://www.virtualbox.org. This file is free software;
+# you can redistribute it and/or modify it under the terms of the GNU
+# General Public License (GPL) as published by the Free Software
+# Foundation, in version 2 as it comes in the "COPYING" file of the
+# VirtualBox OSE distribution. VirtualBox OSE is distributed in the
+# hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
+#
+
+
+SUB_DEPTH = ../../..
+include $(KBUILD_PATH)/subheader.kmk
+
+PROGRAMS += VBoxUSB_DevRules
+
+VBoxUSB_DevRules_TEMPLATE = VBOXQTGUIEXE
+VBoxUSB_DevRules_SOURCES = VBoxUSB_DevRules.cpp
+VBoxUSB_DevRules_QT_MODULES = Core Gui
+ifdef VBOX_WITH_QTGUI_V5
+ # Qt5 requires additional modules:
+ VBoxUSB_DevRules_QT_MODULES += Widgets
+endif # VBOX_WITH_QTGUI_V5
+
+#INSTALLS += VBoxUSB_DevRules
+
+include $(KBUILD_PATH)/subfooter.kmk
+
+
Index: VirtualBox-5.1.22/src/apps/VBoxUSB_DevRules/VBoxUSB_DevRules.cpp
===================================================================
--- /dev/null
+++ VirtualBox-5.1.22/src/apps/VBoxUSB_DevRules/VBoxUSB_DevRules.cpp
@@ -0,0 +1,26 @@
+#include <QtWidgets/QApplication>
+#include <QtWidgets/QMessageBox>
+#include <QtWidgets/QPushButton>
+
+int main(int argc, char *argv[])
+{
+ QApplication app(argc, argv);
+ QMessageBox msgBox;
+ QPushButton *myYesButton = msgBox.addButton("Enable", QMessageBox::YesRole);
+ QPushButton *myNoButton = msgBox.addButton("Disable", QMessageBox::NoRole);
+ msgBox.setWindowTitle(QObject::tr("USB Rules and Permissions !"));
+ msgBox.setText(QObject::tr("USB passthru opens a security hole. "
+ "Please read \nhttps://bugzilla.novell.com/show_bug.cgi?id=664520\n"
+ "to understand the problem.\n\nWe regard USB passthru to be extremely useful and worth the security risk. "
+ "thus the code defaults to enabling this feature. If you agree that the risk is acceptible, then click 'Enable'.\n"
+ "You will not be asked this question again when VB is updated. If you later change your mind, run 'rm ~/.vbox/*'\n\n"
+ "If you wish to disable USB passthru to plug the security hole, then click 'Disable'. "
+ "You will be asked for the system password, and /etc/udev/rules.d/60-vboxdrv.rules will be changed.\n"
+ "These changes cannot be preserved through VB updates, thus this screen will be displayed again at that time."));
+ msgBox.exec();
+ app.quit();
+ if (msgBox.clickedButton() == myYesButton)
+ return 0;
+ return 1;
+}
+
View Git Blame Copy Permalink