diff options
Diffstat (limited to 'sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch')
-rw-r--r-- | sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch | 23 |
1 files changed, 0 insertions, 23 deletions
diff --git a/sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch b/sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch deleted file mode 100644 index 128ac8ce311b..000000000000 --- a/sys-auth/libfprint/files/libfprint-0.6.0-fix-udev-rules.patch +++ /dev/null @@ -1,23 +0,0 @@ -Remove spurious \n to fix udev rule generation - -Steven Newbury <steve@snewbury.org.uk>: -libfprint generates 60-fprint-autosuspend.rules for all supported devices, -however there's a spurious \n before the ', MODE="0666"' which results in it -appearing on a new line after the match criteria. At least on current -systemd/udev this results in MODE="0666" being applied unconditionally to all -device nodes. This is an extremely serious security problem and effectively -gives root access to all users simply by having the ebuild emerged. - -https://bugs.gentoo.org/562218 - ---- a/libfprint/fprint-list-udev-rules.c -+++ b/libfprint/fprint-list-udev-rules.c -@@ -74,7 +74,7 @@ - if (num_printed == 0) - printf ("# %s\n", driver->full_name); - -- printf ("SUBSYSTEM==\"usb\", ATTRS{idVendor}==\"%04x\", ATTRS{idProduct}==\"%04x\", ATTRS{dev}==\"*\", TEST==\"power/control\", ATTR{power/control}=\"auto\"\n, MODE=\"0666\"\n", driver->id_table[i].vendor, driver->id_table[i].product); -+ printf ("SUBSYSTEM==\"usb\", ATTRS{idVendor}==\"%04x\", ATTRS{idProduct}==\"%04x\", ATTRS{dev}==\"*\", TEST==\"power/control\", ATTR{power/control}=\"auto\", MODE=\"0666\"\n", driver->id_table[i].vendor, driver->id_table[i].product); - printf ("SUBSYSTEM==\"usb\", ATTRS{idVendor}==\"%04x\", ATTRS{idProduct}==\"%04x\", ENV{LIBFPRINT_DRIVER}=\"%s\"\n", driver->id_table[i].vendor, driver->id_table[i].product, driver->full_name); - num_printed++; - } |