Date: Fri, 08 Aug 2014 23:03:58 +0200 From: Yves-Alexis Perez <corsac@...ian.org> To: oss-security@...ts.openwall.com Subject: Re: BadUSB discussion On ven., 2014-08-08 at 22:41 +0200, Yves-Alexis Perez wrote: > > > > Then do just that, Linux has allowed you to do this for years, again, > > but very few people take advantage of it. > > Reading that thread, that's exactly what I thought about that. I guess > it could be a good idea to set usbcore.authorized_default to 0 when the > systems is locked (logind could provide that information). There's still > the issue that it's then not possible to unlock the system in some > situation (for example because you had to unplug the keyboard while > logged out, or stuff like that). But at least that would be a > possibility. Actually, since it's a module parameter, it doesn't seem possible to toggle it without reloading the module (or rebooting if it's builtin). So it might not be that easy to do the locking part. Regards, -- Yves-Alexis Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.