<div dir="auto"><div><br><div class="gmail_extra"><br><div class="gmail_quote">On Jan 9, 2017 10:53, "Mantas Mikulėnas" <<a href="mailto:grawity@gmail.com">grawity@gmail.com</a>> wrote:<br type="attribution"><blockquote class="quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="elided-text"><div dir="ltr" class="m_1307333011453608692gmail_msg"><div class="gmail_extra m_1307333011453608692gmail_msg"><div class="gmail_quote m_1307333011453608692gmail_msg">On Mon, Jan 9, 2017 at 11:20 AM, Lars Knudsen <span dir="ltr" class="m_1307333011453608692gmail_msg"><<a href="mailto:larsgk@gmail.com" class="m_1307333011453608692gmail_msg" target="_blank">larsgk@gmail.com</a>></span> wrote:<br class="m_1307333011453608692gmail_msg"><blockquote class="gmail_quote m_1307333011453608692gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="m_1307333011453608692gmail_msg">Hi,<div class="m_1307333011453608692gmail_msg"><br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg">I am currently looking into how we can make using WebUSB devices less painful for users on Linux.</div><div class="m_1307333011453608692gmail_msg"><br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg">The main purpose of WebUSB (as far as I can see) is to enable certain CDC (in particular - but not limited to) devices communicate directly with browsers visiting certain trusted sites (listed inside a binary object store - sent on initial handshake).<br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg"><br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg">The spec is here: <a href="https://wicg.github.io/webusb/" class="m_1307333011453608692gmail_msg" target="_blank">https://wicg.github.io/<wbr>webusb/</a> (already running fine in chrome stable)</div><div class="m_1307333011453608692gmail_msg">Examples:</div><div class="m_1307333011453608692gmail_msg"><a href="https://www.youtube.com/watch?v=Z1Nk2hH2wFE" class="m_1307333011453608692gmail_msg" target="_blank">https://www.youtube.com/watch?<wbr>v=Z1Nk2hH2wFE</a><br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg"><a href="https://www.youtube.com/watch?v=o7wGt9RfHVA" class="m_1307333011453608692gmail_msg" target="_blank">https://www.youtube.com/watch?<wbr>v=o7wGt9RfHVA</a><br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg"><a href="https://twitter.com/denladeside/status/817451203076427783" class="m_1307333011453608692gmail_msg" target="_blank">https://twitter.com/<wbr>denladeside/status/<wbr>817451203076427783</a><br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg"><br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg">I'm guessing the solution will consist of 2 parts:</div><div class="m_1307333011453608692gmail_msg"><br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg">1. make sure no WebUSB device is picked up by modemmanager (modemmanager task)</div><div class="m_1307333011453608692gmail_msg"><br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg">2. make sure that webusb devices will be somehow accessible to be used by a browser running with user permissions (current temp solution listed here: adding user to plugdev, adding 0664 permissions to device: <a href="https://developers.google.com/web/updates/2016/03/access-usb-devices-on-the-web" class="m_1307333011453608692gmail_msg" target="_blank">https://developers.google.com/<wbr>web/updates/2016/03/access-<wbr>usb-devices-on-the-web</a> ) (udev/systemd task).</div><div class="m_1307333011453608692gmail_msg"><br class="m_1307333011453608692gmail_msg"></div><div class="m_1307333011453608692gmail_msg">For 2. we need to either making all webusb devices accessible or find some other way the browsers can - in a generic way - gain access. In all cases, it's important that no USB interfaces has been pre-claimed by the system (e.g. by cdc_acm) or it should be possible for the browser to throw off the claims.</div></div></blockquote><div class="m_1307333011453608692gmail_msg"><br class="m_1307333011453608692gmail_msg"></div></div></div></div></div><div dir="ltr" class="m_1307333011453608692gmail_msg"><div class="gmail_extra m_1307333011453608692gmail_msg"><div class="gmail_quote m_1307333011453608692gmail_msg"><div class="m_1307333011453608692gmail_msg">I'm not sure how ModemManager could possibly avoid claiming a device based on a website visit that will happen *sometime in the future*, if ever.</div></div></div></div></blockquote></div></div></div><div dir="auto">It is in the USB descriptors. Should be easy to do a clean detection. It is not likely anyone would ever make a modem with webusb descriptors.</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="m_1307333011453608692gmail_msg"><div class="gmail_extra m_1307333011453608692gmail_msg"><div class="gmail_quote m_1307333011453608692gmail_msg"><div class="m_1307333011453608692gmail_msg"><br></div><div class="m_1307333011453608692gmail_msg">As for permissions, uaccess might work if the device types are known (see e.g. the Yubikey udev rules), but... somehow, it sounds like webapps will end up being more privileged than local software, a bit odd.</div><font color="#888888"><div class="m_1307333011453608692gmail_msg"><br class="m_1307333011453608692gmail_msg"></div></font></div></div></div><font color="#888888"><div dir="ltr" class="m_1307333011453608692gmail_msg"><div class="gmail_extra m_1307333011453608692gmail_msg">-- <br class="m_1307333011453608692gmail_msg"><div class="m_1307333011453608692m_4862466945405406766gmail_signature m_1307333011453608692gmail_msg" data-smartmail="gmail_signature"><div dir="ltr" class="m_1307333011453608692gmail_msg">Mantas Mikulėnas <<a href="mailto:grawity@gmail.com" class="m_1307333011453608692gmail_msg" target="_blank">grawity@gmail.com</a>></div></div>
</div></div><div dir="ltr">-- <br></div><div data-smartmail="gmail_signature"><p dir="ltr">Mantas Mikulėnas <<a href="mailto:grawity@gmail.com" target="_blank">grawity@gmail.com</a>><br>
Sent from my phone</p>
</div>
</font></blockquote></div><br></div></div></div>