Bug 566976 - sane: missing several Brother scanners in udev rules
Summary: sane: missing several Brother scanners in udev rules
Status: RESOLVED UPSTREAM
Alias: None
Product: openSUSE 11.2
Classification: openSUSE
Component: Other (show other bugs)
Version: Final
Hardware: Other Other
: P5 - None : Normal (vote)
Target Milestone: ---
Assignee: Johannes Meixner
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-12-23 10:31 UTC by Stanislav Brabec
Modified: 2009-12-28 17:05 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stanislav Brabec 2009-12-23 10:31:21 UTC 
According to bug 559697 comment 37, several Brother scanner USB IDs are missing in the /etc/udev/rules.d/55-libsane.rules.

The fix seems to be trivial.

The problem probably affects older products that support these scanners (11.1, SLED11) and should be fixed upstream as well.
Comment 1 Johannes Meixner 2009-12-23 11:54:31 UTC 
The content in /etc/udev/rules.d/55-libsane.rules
is what the upstream project SANE provides at
http://www.sane-project.org/

To get more USB scanners added there, the particular user
who has such a scanner should post a mail on
the sane-devel@lists.alioth.debian.org list
with his snippet in libsane.rules which he added.

Furthermore Brother's instructions at 
http://welcome.solutions.brother.com/bsc/public_s/id/linux/en/instruction_scn1c.html
are insecure because the USB model ID is missing, see
http://lists.opensuse.org/opensuse-de/2009-11/msg01623.html
(German only).

Therefore I will not add such kind of insecure stuff.

Ahh!
For openSUSE11.2 there is no longer a useless GROUP="scanner"
but now it is GROUP="lp" which is one step forward but
the USB model ID is still missing.

I will add a comment to bug 559697.
Comment 2 pierre Labarbe 2009-12-23 12:35:32 UTC 
in the bug report 


comment I have wrotten 

IIf uou open this web page 

http://welcome.solutions.brother.com/bsc/public_s/id/linux/en/faq_scn.html

and yoy select 

When scanning I receive the error "Error during device I/O".

you find this page

"# When scanning I receive the error "Error during device I/O".


The Brother Linux scanner driver works only with a superuser by default.
To use it with a normal user, you will have to make some settings.
Setting for normal users "

setting for normal user give 

"openSUSE11.2
    1. Open "/etc/udev/rules.d/55-libsane.rules"
    2. Add the following 2 lines at the last of the device entry. (just before
"# The following rule...")

    # Brother
    ATTR{idVendor}=="04f9", MODE="0664", GROUP="lp", ENV{libsane_matched}="yes"

    3. Restart the OS.

page top

openSUSE 11.1
    1. Open "/etc/udev/rules.d/55-libsane.rules"
    2. Add 2 lines for Brother products.

    The lines to be added---------------------------------

    #Brother
    ATTR{idVendor}=="04f9", MODE="0666", GROUP="scanner",
ENV{libsane_matched}="yes""

it is different for suse 11.1 and suse 11.2

during my instal this information was not updated and i have modified like for
suse 11.1 

now I modified 55 libsane rules and I get the same problem

I observe that mode is 664 and every where "mode 664" ha to bee replace  by 
"mode 666"

I wil try to replace 664 by 666 and will give the result


In fact with  664 or 666 it is the  same problem ,

 but about the suggestion of brother what is true ??????

for your information ,as it is suggested i have send a mail to sane-devel@lists.alioth.debian.org list

Thanks
Comment 3 Johannes Meixner 2009-12-23 12:41:43 UTC 
Short translation of what I wrote in
http://lists.opensuse.org/opensuse-de/2009-11/msg01623.html

GROUP="scanner" is useless because there is
no such group in openSUSE and it is meaningless
when MODE="0666" allows access for arbitrary users.

Only {idVendor}=="04f9" (without specific {idProduct}=="...")
is insecure because together with MODE="0666" it allows access
to any kind of Brother USB devices for arbitrary users.
If there exist Brother USB keyboards and/or Brother USB
mass storage devices (including e.g. cameras),
arbitrary users could sniff anything which is typed in
on any Brother USB keyboard (e.g. passwords) and/or read any
possibly secret file on any Brother USB mass storage device.
Comment 4 pierre Labarbe 2009-12-28 17:05:19 UTC 
Thanks for all the comments , I have studied them 

I have understood that when brother give the solution to add the 2 lines 

"    ATTR{idVendor}=="04f9", MODE="0666", GROUP="scanner",
ENV{libsane_matched}="yes""
"

it is dangerous because theri now id products 

but I use it with suse 11 11.0 wihout any problem , becase, perhaps I have not device  Broyher exeptly my scaner

But I am not sure to get this id 

I send a mai to sane-devel@lists.alioth.debian.org

I got this answer 

"Your mail to 'sane-devel' with the subject

    Addition of dcp7030 Brother printer end scaner device

Is being held until the list moderator can review it for approval.

The reason it is being held:

    Post by non-member to a members-only list"

I have also visited sane site , but I was suprised to discover that that Brother's scaners are not in the positiv list