Use InputPlumber to request access to /dev/uinput

Open Pandapip1 opened this issue 6 months ago • 5 comments

Is your feature request related to a problem? Please describe.

I need to sudo chmod 666 /dev/uinput or otherwise give my user access to /dev/uinput (via udev) before running plover. This is not great as it's a giant security hole.

Describe the solution you'd like

InputPlumber could be used to access the same functionality as uinput without exposing it to all processes running as my user (at least, once actual polkit checks are added by InputPlumber).

Describe alternatives you've considered

Plover could add a udev rule that sets /dev/uinput to be owned by a group and add g+rw, and then setgid itself, but this is a hacky workaround and the D-Bus API is the proper way to do this anyway.

Additional context

N.A.

Pandapip1 Jun 24 '25 18:06
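Added example, not part of the original issue and not code from Plover or InputPlumber: a Python check that classifies which permission class gives an account write access to a uinput node, so the `chmod 666` and group-rule setups described above can be compared. The function names, uid 1000 and gid 994 are assumptions made for illustration, and only classic mode bits are inspected, not ACLs.

```python
import os
import stat

def uinput_exposure(mode, owner_uid, owner_gid, uid, gids):
    """Return which permission class lets (uid, gids) open the node for writing.

    Write access is what allows creating virtual input devices via uinput.
    Only classic mode bits are considered; POSIX ACLs are not inspected.
    """
    if not stat.S_ISCHR(mode):
        return "not-a-char-device"
    if uid == 0:
        return "root"                      # root normally bypasses mode bits
    # The kernel picks exactly one class: owner, else group, else other.
    if uid == owner_uid:
        bit, label = stat.S_IWUSR, "owner"
    elif owner_gid in gids:
        bit, label = stat.S_IWGRP, "group"
    else:
        bit, label = stat.S_IWOTH, "world"
    return label if mode & bit else "no-access"

def audit(path="/dev/uinput"):
    """Classify the current user's access to a real device node."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return "missing"
    gids = set(os.getgroups()) | {os.getegid()}
    return uinput_exposure(st.st_mode, st.st_uid, st.st_gid, os.geteuid(), gids)

if __name__ == "__main__":
    # Constructed cases: uid 1000, node owned by root, hypothetical gid 994.
    chr_ = stat.S_IFCHR
    print("chmod 666       :", uinput_exposure(chr_ | 0o666, 0, 0, 1000, {100}))
    print("group rule 0660 :", uinput_exposure(chr_ | 0o660, 0, 994, 1000, {100, 994}))
    print("root-only 0600  :", uinput_exposure(chr_ | 0o600, 0, 0, 1000, {100}))
    print("this machine    :", audit())
```

A result of "world" or "group" applies to every process running as that account, which is the exposure the issue wants to avoid.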

This seems to relate to this method: https://github.com/openstenoproject/plover/blob/497a3620c380c24e6b967725a35d02e5bc3f1555/linux/appimage/apprun.sh#L65

Are you running the AppImage?

mkrnr Jun 24 '25 19:06

Nope, I'm on NixOS. I'm aware udev rules are a solution (I mentioned as much), although I didn't realize the AppImage came packaged with it. This is very specifically that I personally would like to not let every program I run have access to /dev/uinput.

I came across https://github.com/ShadowBlip/InputPlumber?tab=readme-ov-file#intercept-mode, which seems to be exactly the daemon I'm looking for (although it doesn't seem to have authentication?). Thoughts?

Pandapip1 Jun 24 '25 19:06

Thanks for the context!

Sounds very reasonable to me but I'm not an expert on this so wouldn't want to make a call.

Maybe @LilleAila has some thoughts on this?

mkrnr Jun 24 '25 19:06

> Thanks for the context!
>
> Sounds very reasonable to me but I'm not an expert on this so wouldn't want to make a call.
>
> Maybe @LilleAila has some thoughts on this?

I absolutely think something like this should be done, and I too was skeptical about the solution I ended up with, as it is not very secure. Doing it as described seems like the best solution, although I personally do not have any experience with that, so I do not know how to approach it.

LilleAila Jun 24 '25 20:06

Great! I might look into doing it myself now that seemingly the hard part (the daemon) already exists.

Pandapip1 Jun 24 '25 20:06