On Fri, Jan 20, 2017 at 01:18:12PM +0100, Lars Knudsen wrote: > > The full device should be fine if it has a WebUSB interface (even in a > > composite scenario) > > Really? You want to allow someone "raw" access to a composite device > just because of one specific interface? > > > Ideally, I would only allow the browsers running in user space and only the > WebUSB interface. > - but would that even be possible on Linux? (now/future).
I don't know how the browser ends up talking to the USB device in the first place. Does it use libusb? usbfs directly? Something else? It all depends on how it is accessing the device for what is needed to properly set the permissions on it. > We should remember that devices with a WebUSB interface included were *made* > for user access (what else would be the point?). I agree, but you never know what type of crazy composite device people will create with this interface type. > Also: We *do* need a 'blanket' solution for these as manufactures can't always > wait for the next time all planets align > and e.g. Ubuntu chooses to upgrade the rules. Just fyi, last time I was in > similar discussions in the smae lists, it took > some years for it to land in Ubuntu: https://medium.com/@larsgk/ > web-enabling-legacy-devices-dc3ecb9400ed#.7l1hztlmi Nothing I can do about crazy/stupid distros that never want to update anything, all we can do is provide the solution and hope they wake up and take it. Or users will end up moving to a distro that does provide the correct continuous update model (i.e. Fedora, openSUSE, Arch, etc.) thanks, greg k-h _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
