Good day. I am one of the boinc-client maintainers, and I am writing to you to ask an opinion about bugreport <<SELinux is preventing boinc_client from 'getattr' accesses on the chr_file /dev/input/event9>> [1]
In a few words, boinc-client to check user inactivity time, reads keyboard events from /dev/input/event9 SELinux maintainers said that boinc-client maintainers have to take a decision about denying or allowing such behaviour. I tried to ask in boinc's forum (in the mailing list very often you do not get an answer), so I opened forum topic [2]. They confirmed that boinc uses /dev/input/event9 to check user inactivity time. Since boinc-client source code is open, but source code of boinc working units is not available, I don't know if boinc-client should be allowed to make such readings...
What is your opinion?
Have a nice day and thank you for your time.
[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1337607 [2]: https://boinc.berkeley.edu/dev/forum_thread.php?id=11041
P.S. By my mistake I have already unsuccessfully sent an email to security@lists.fedoraproject.org but I wanted to sent an e-mail to security-team@lists.fedoraproject.org so please apologize me if there will be two discussions
On 06/10/2016 11:40 PM, Germano Massullo wrote:
Good day. I am one of the boinc-client maintainers, and I am writing to you to ask an opinion about bugreport <<SELinux is preventing boinc_client from 'getattr' accesses on the chr_file /dev/input/event9>> [1]
In a few words, boinc-client to check user inactivity time, reads keyboard events from /dev/input/event9
The desktop environment already needs to do this for the screen saver. Perhaps this information can be made accessible over D-Bus (if not is not yet available).
Thanks, Florian
Thank you Florian, I just contacted upstream developers, giving them a suggestion about how to implement user idle time detection in systemd based Linux distributions https://github.com/BOINC/boinc/issues/1187#issuecomment-225699768
security-team@lists.fedoraproject.org