-# udev rules for VirtualBox OSE
+# udev rules for VirtualBox
+# Reference: https://www.virtualbox.org/browser/vbox/trunk/src/VBox/Installer/linux/installer-common.sh
+
+# Devices in Host
KERNEL=="vboxdrv", GROUP="vbox", MODE="0660"
-KERNEL=="vboxguest", GROUP="vbox", MODE="0660"
+# vboxdrvu -- the unrestricted device
+KERNEL=="vboxdrvu", GROUP="root", MODE="0666"
KERNEL=="vboxnetctl", GROUP="vbox", MODE="0660"
+
+# these lines below give access permission to vbox users to properly work with usb nodes, enabling them could be security risk:
+# https://bugzilla.novell.com/show_bug.cgi?id=664520
+SUBSYSTEM=="usb_device", ACTION=="add", RUN+="VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass} vbox"
+SUBSYSTEM=="usb", ACTION=="add", ENV{DEVTYPE}=="usb_device", RUN+="VBoxCreateUSBNode.sh $major $minor $attr{bDeviceClass} vbox"
+
+SUBSYSTEM=="usb_device", ACTION=="remove", RUN+="VBoxCreateUSBNode.sh --remove $major $minor"
+SUBSYSTEM=="usb", ACTION=="remove", ENV{DEVTYPE}=="usb_device", RUN+="VBoxCreateUSBNode.sh --remove $major $minor"
+
+# Devices in Guest, should use acl really
+KERNEL=="vboxguest", GROUP="vbox", MODE="0600"
+KERNEL=="vboxuser", GROUP="vbox", MODE="0666"