On 14-07-08 04:36 AM, Oliver Grawert wrote: > hi, > Am Montag, den 07.07.2014, 17:34 -0400 schrieb Marc Deslauriers: >> On 14-07-07 06:43 AM, Oliver Grawert wrote: >>> 3) on request of the security team it should not be possible to enable >>> adb access if there is no password or the default password set for the >>> phablet user so that there is no predictable sudo password that is >>> identical on all devices. there are still a few blockers that prevent us >>> from finishing this bit (more on that below). >> >> We also asked that adb refuse connections if the screen is locked. Is this >> implemented? > > erm, no, what was asked was that you can only *enable* adb if there is a > sudo password set (one that isnt either empty or "phablet") and this is > what i am implementing atm ... we wont be able to keep smoke testing > working if you get kicked out when the device locks (and it would be > overly annoying) ... i think we need to make some compromise between > usability and security here ... >
The goal is that if my screen is locked, and adb is enabled, nobody can simply plug my phone into a computer and unlock it using adb. I just want adb to refuse connections if they are attempted _while_ the screen is locked. If adb is already servicing a connection, it doesn't need to drop it when the screen then locks. Marc. -- Mailing list: https://launchpad.net/~ubuntu-phone Post to : ubuntu-phone@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-phone More help : https://help.launchpad.net/ListHelp
