← Back to team overview

ubuntu-phone team mailing list archive

Re: Status update: Planned changes to the developer mode/adb access

 

On 14-07-08 04:36 AM, Oliver Grawert wrote:
> hi,
> Am Montag, den 07.07.2014, 17:34 -0400 schrieb Marc Deslauriers:
>> On 14-07-07 06:43 AM, Oliver Grawert wrote:
>>> 3) on request of the security team it should not be possible to enable
>>> adb access if there is no password or the default password set for the
>>> phablet user so that there is no predictable sudo password that is
>>> identical on all devices. there are still a few blockers that prevent us
>>> from finishing this bit (more on that below).
>>
>> We also asked that adb refuse connections if the screen is locked. Is this
>> implemented?
> 
> erm, no, what was asked was that you can only *enable* adb if there is a
> sudo password set (one that isnt either empty or "phablet") and this is
> what i am implementing atm ... we wont be able to keep smoke testing
> working if you get kicked out when the device locks (and it would be
> overly annoying) ... i think we need to make some compromise between
> usability and security here ...
>

>From the meeting notes:

ACTION (phonedations): Identify how to retrieve the lock screen state
ACTION (phonedations): Make adb to only accept new connections when the screen
is unlocked

Marc.



Follow ups

References