Nicolas George wrote: > Package: libgphoto2-2 > Version: 2.2.1-12 > Severity: grave > Tags: security > > In /etc/udev/libgphoto2_generic_ptp_support.rules, there is the following > rule: > > ACTION=="add", SUBSYSTEM=="usb_device", ENV{INTERFACE}="6/1/1", \ > PROGRAM="/bin/sh -c 'K=%k; K=$${K#usbdev}; printf bus/usb/%%03i/%%03i > $${K%%%%.*} $${K#*.}'", \ > NAME="%c", MODE="0660", GROUP="plugdev" > > The single = sign after ENV{INTERFACE} means that the INTERFACE environment > variable is set, not queried. The result is that all USB devices, and not > only the PTP ones, are set to the plugdev group, thus giving some users > access to devices they should not have access to. > > Suggested fix: put two equals signs
Sorry I could not handle this earlier. Unfortunately putting two equal signs doesn't work. Unfortunately while I thought I finally managed to get a udev rule working for generic PTP cameras, it appears it is broken and I can only suggest I remove it. This will be a regression with regards to Sarge where hotplug was used but I can't see any other mean. vorlon: would such an upload have chances to get into etch ? Regards, Frederic -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]