ubuntu-phone team mailing list archive

Thread
Date

Re: Status update: Planned changes to the developer mode/adb access

To: ubuntu-phone@xxxxxxxxxxxxxxxxxxx
From: Oliver Grawert <ogra@xxxxxxxxxx>
Date: Tue, 08 Jul 2014 14:50:30 +0200
In-reply-to: <CADzF8kymp83ZyKJZtiqh+pEsVE2Ca8AzG0GJ5d4U1fOn05dpdg@mail.gmail.com>
Sender: Oliver Grawert <oliver.grawert@xxxxxxxxxxxxxx>

hi,
Am Dienstag, den 08.07.2014, 14:38 +0200 schrieb Alexander Sack:
> On Tue, Jul 8, 2014 at 1:30 PM, Martin Pitt <martin.pitt@xxxxxxxxxx> wrote:
> > Marc Deslauriers [2014-07-08  7:09 -0400]:
> >> You can make adb detect when running on the emulator, and allow connections for
> >> testing perhaps.
> >
> > I wouldn't like to see this. First, we need to test on real hw as well
> > and don't want to provide two different approaches to this, and second
> > it would make the emulator useless for developing and testing these
> > new security specifications.
> >
> > I still like the suggestion of making ubuntu-device-flash --developer-mode
> > enable adb and root (or perhaps also a separate --developer-root-mode
> > option if that one is only supposed to give you user adb).
> 
> If this is different from the developer mode you enable through
> settings, I would like to keep the name distinct. Maybe something like
> --root-mode?

can we please stop talking about "root mode" it was agreed (multiple
times now) that we will not have a "adb root mode" but that the user
will have to use sudo when needing to do administrative tasks, this is
how it was implemented.

> 
> In any case, did we explore maybe making adb shell password protected
> instead of trying to make assumptions about whether you can adb into
> your device based on screen lock state? Would that be hard/easy to do
> if we wanted it?

yes this was explored multiple times and as i said in my other mail
would require nearly a re-write from scratch to hook it up to a tty,
make it work with PAM etc etc. 

we can probably discuss this for post RTM or 15.04 but surely not for
the next few weeks ... we made a plan in multiple meetings that i would
really like to implement without having people trying to change it all
the time ... if are were serious security flaws we should indeed address
them but lets please stick to the planning we have made beyond this and
not start over from the ground up shortly before the final deadline.

ciao
	oli

Attachment: signature.asc
Description: This is a digitally signed message part

References

Status update: Planned changes to the developer mode/adb access
From: Oliver Grawert, 2014-07-07
Re: Status update: Planned changes to the developer mode/adb access
From: Marc Deslauriers, 2014-07-07
Re: Status update: Planned changes to the developer mode/adb access
From: Martin Pitt, 2014-07-08
Re: Status update: Planned changes to the developer mode/adb access
From: Marc Deslauriers, 2014-07-08
Re: Status update: Planned changes to the developer mode/adb access
From: Martin Pitt, 2014-07-08
Re: Status update: Planned changes to the developer mode/adb access
From: Alexander Sack, 2014-07-08