Skip to content

GitLab

Explore

Sign in
Register

Remove/don't add default user to "input" group (hardening, mildly security relevant)

Describe your issue

I suggest that postmarketOS remove, or at least don't add on new installs the default user to "input" group. This seems to allow directly bypassing any of the new security mechanisms Wayland brings of trying to block non-privileged keyloggers and generally unsafe behavior of non-root apps, by allowing any app outside of flatpak to just directly access the input devices past any sort of managed mechanism and fetch direct raw input. On both Fedora and my server Alpine install, the default user doesn't seem to be in the input group, so I'm guessing this is postmarketOS specific from that. Also, I removed my user on postmarketOS from the input group and rebooted as a first test, and so far things still seem to be working. However, I haven't tested external keyboards or gamepads etc yet.

Disclaimer: I'm by no means an expert so maybe being in this group isn't actually doing what I think it does and might be benign, also I may have missed a good reason why the user is in that group.

What's the expected behaviour?

Default user is not in "input" group

What's the current behaviour?

Default user at least for my install is in "input" group

How to reproduce your issue?

Open terminal as default user, not root
Check the output of the command groups which should list if your user is in the "input" group or not.

What device are you using?

postmarketOS Allwinner 3GB mem variant

On what postmarketOS version did you encounter the issue?

edge (master branch)
v23.06 but upgraded from older installs
v22.12 (Supported until 2023-07-06)
I confirm that the issue still is present after running sudo apk upgrade -a

On what environment did you encounter the issue?

Environments

GNOME Shell on Mobile
Phosh
Plasma Mobile
Sxmo (Wayland/Sway) Please post the output of sxmo_version.sh
Other: Please fill out

How did you get postmarketOS image?

from https://images.postmarketos.org
I built it using pmbootstrap
It was preinstalled on my device

What's the build date of the image? (in yyyy-mm-dd format)

Additional information

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Assignee Loading

Time tracking Loading