Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 09 Aug 2014 11:17:47 +0200
From: Yves-Alexis Perez <corsac@...ian.org>
To: oss-security@...ts.openwall.com
Subject: Re: BadUSB discussion

On ven., 2014-08-08 at 14:36 -0700, Greg KH wrote:
> On Fri, Aug 08, 2014 at 11:27:06PM +0200, Yves-Alexis Perez wrote:
> > On ven., 2014-08-08 at 14:20 -0700, Greg KH wrote:
> > > > Actually, since it's a module parameter, it doesn't seem possible to
> > > > toggle it without reloading the module (or rebooting if it's
> > > builtin).
> > > > So it might not be that easy to do the locking part.
> > > 
> > > echo "0" > /sys/module/usbcore/parameters/authorized_default
> > 
> > I did that, but unplugging/replugging my mouse still works after that.
> 
> Hm, not good, take it to the linux-usb@...r.kernel.org mailing list and
> we can debug it there.
> 
To follow up on this.

The correct way to do this is to do:

for bus in /sys/bus/usb/usb*;
do
  echo 0 > ${bus}/authorized_default
done

to disable registration of new USB devices (kernel will still enumerate
them, but no driver will handle them).

Echo 1 (or -1) to re-enable registration. Current devices will keep
working. If you want to completely disable a bus (including power), use
'authorized' instead of 'authorized_default' sysfs entry.

Regards,
-- 
Yves-Alexis

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.