- The printing of the warning about the insecurity in USB passthru had been lost. As most people are likely to want that feature,
the logic has been inverted. Now, the required udev commands to allow passthru are included. The first time that VB is started, the user will get a screen that points to the bug entry discussing the problem and states what they should do to block the insecure usage. In any case, that screen will only be printed once. File "virtualbox-60-vboxdrv.rules" has been added These changes address the issues in bnc #1018340. OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=303
This commit is contained in:
Larry Finger
committed by
Git OBS Bridge
Git OBS Bridge
parent
f62bb80d4b
commit
ce541db5bc
@@ -62,7 +62,7 @@ Index: a/src/apps/VBoxUSB_DevRules/VBoxUSB_DevRules.cpp
|
||||
+ QApplication app(argc, argv);
|
||||
+ QMessageBox msgBox;
|
||||
+ msgBox.setWindowTitle(QObject::tr("USB Rules and Permissions !"));
|
||||
+ msgBox.setText(QObject::tr("USB passthru opens a security hole. Please read \n\nhttps://bugzilla.novell.com/show_bug.cgi?id=664520\n\nto understand the problem. If you really want/need to use USB passthru, then copy /usr/lib/udev/rules.d/60-vboxdrv.rules to /etc/udev/rules.d/, and modify that file as outlined in the comments.\n\nTo avoid seeing this message every time VirtualBox is started, a dummy file is being created."));
|
||||
+ msgBox.setText(QObject::tr("USB passthru opens a security hole. Please read \n\nhttps://bugzilla.novell.com/show_bug.cgi?id=664520\n\nto understand the problem. If you really want/need to use USB passthru and are willing to accept the security risk, then do nothing. To plug the security hole, remove all 'usb' lines from /etc/udev/rules.d/60-vboxdrv.rules.\n\nThis message will not be seen again!"));
|
||||
+ int ret = msgBox.exec();
|
||||
+ app.quit();
|
||||
+ return 0;
|
||||
|
||||
Reference in New Issue
Block a user