Date: Fri, 8 Aug 2014 14:20:23 -0700 From: Greg KH <greg@...ah.com> To: oss-security@...ts.openwall.com Subject: Re: BadUSB discussion On Fri, Aug 08, 2014 at 11:03:58PM +0200, Yves-Alexis Perez wrote: > On ven., 2014-08-08 at 22:41 +0200, Yves-Alexis Perez wrote: > > > > > > Then do just that, Linux has allowed you to do this for years, again, > > > but very few people take advantage of it. > > > > Reading that thread, that's exactly what I thought about that. I guess > > it could be a good idea to set usbcore.authorized_default to 0 when the > > systems is locked (logind could provide that information). There's still > > the issue that it's then not possible to unlock the system in some > > situation (for example because you had to unplug the keyboard while > > logged out, or stuff like that). But at least that would be a > > possibility. > > Actually, since it's a module parameter, it doesn't seem possible to > toggle it without reloading the module (or rebooting if it's builtin). > So it might not be that easy to do the locking part. echo "0" > /sys/module/usbcore/parameters/authorized_default
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.