ubuntu-phone team mailing list archive

[Oliver Grawert <ogra@xxxxxxxxxx>]

hi,
Am Mittwoch, den 09.07.2014, 10:36 -0400 schrieb Marc Deslauriers:
> On 14-07-08 04:36 AM, Oliver Grawert wrote:
> > hi,
> > Am Montag, den 07.07.2014, 17:34 -0400 schrieb Marc Deslauriers:
> >> On 14-07-07 06:43 AM, Oliver Grawert wrote:
> >>> 3) on request of the security team it should not be possible to enable
> >>> adb access if there is no password or the default password set for the
> >>> phablet user so that there is no predictable sudo password that is
> >>> identical on all devices. there are still a few blockers that prevent us
> >>> from finishing this bit (more on that below).
> >>
> >> We also asked that adb refuse connections if the screen is locked. Is this
> >> implemented?
> > 
> > erm, no, what was asked was that you can only *enable* adb if there is a
> > sudo password set (one that isnt either empty or "phablet") and this is
> > what i am implementing atm ... we wont be able to keep smoke testing
> > working if you get kicked out when the device locks (and it would be
> > overly annoying) ... i think we need to make some compromise between
> > usability and security here ...
> >
> 
> >From the meeting notes:
> 
> ACTION (phonedations): Identify how to retrieve the lock screen state
> ACTION (phonedations): Make adb to only accept new connections when the screen
> is unlocked

i am pretty sure the second one said enablement at the end of the
meeting ... which then caused the design to look like: 
https://wiki.ubuntu.com/AboutThisDevice#developer-mode

ciao
	oli

Attachment: signature.asc
Description: This is a digitally signed message part