pool/tpm2.0-abrmd
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78 Commits 1 Branch 0 Tags 722 KiB
Diff 100%
factory
Go to file
Dominique Leuenberger 84e2d8338c Accepting request 1088672 from security 
OBS-URL: https://build.opensuse.org/request/show/1088672
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tpm2.0-abrmd?expand=0&rev=25
2023-05-24 18:22:12 +00:00
.gitattributes Accepting request 514156 from home:mgerstner:branches:security 2017-08-03 08:13:01 +00:00
.gitignore Accepting request 514156 from home:mgerstner:branches:security 2017-08-03 08:13:01 +00:00
harden_tpm2-abrmd.service.patch Accepting request 933795 from home:jsegitz:branches:systemdhardening:security 2021-11-30 09:31:21 +00:00
README.SUSE - restrict D-Bus access to tpm2-abrmd to members of the tss group 2022-04-04 10:57:16 +00:00
tpm2-abrmd-3.0.0.tar.gz Accepting request 1041872 from home:aplanas:branches:security 2022-12-09 13:28:01 +00:00
tpm2-abrmd-3.0.0.tar.gz.asc Accepting request 1041872 from home:aplanas:branches:security 2022-12-09 13:28:01 +00:00
tpm2-abrmd.keyring Accepting request 1041872 from home:aplanas:branches:security 2022-12-09 13:28:01 +00:00
tpm2.0-abrmd.changes Accepting request 1088652 from home:aplanas:branches:security 2023-05-23 12:36:28 +00:00
tpm2.0-abrmd.rpmlintrc - Update to version 2.0.1: 2018-08-10 10:31:50 +00:00
tpm2.0-abrmd.spec Accepting request 1088671 from home:aplanas:branches:security 2023-05-23 13:55:07 +00:00

README.SUSE 

The tpm2-abrmd by upstream default allows every local users in the system to
access the TPM chip and modify its settings (bsc#1197532). Upstream suggests
to use the TPM's internal security features (e.g. password protection) to
prevent local users from manipulating the chip without authorization. Still
the default behaviour that every user in the system can access TPM features
without any authentication could come as a surprise to end users and system
integrators alike.

For this reason on SUSE only members of the 'tss' group are allowed to access
the tpm2-abrmd D-Bus interface, thereby mirroring the access permissions of
the /dev/tpm0 and /dev/tpmrm0 character devices.