oss-sec mailing list archives
Re: BadUSB discussion
From: Yves-Alexis Perez <corsac () debian org>
Date: Fri, 08 Aug 2014 23:03:58 +0200
On ven., 2014-08-08 at 22:41 +0200, Yves-Alexis Perez wrote:
Then do just that, Linux has allowed you to do this for years, again, but very few people take advantage of it.Reading that thread, that's exactly what I thought about that. I guess it could be a good idea to set usbcore.authorized_default to 0 when the systems is locked (logind could provide that information). There's still the issue that it's then not possible to unlock the system in some situation (for example because you had to unplug the keyboard while logged out, or stuff like that). But at least that would be a possibility.
Actually, since it's a module parameter, it doesn't seem possible to toggle it without reloading the module (or rebooting if it's builtin). So it might not be that easy to do the locking part. Regards, -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: BadUSB discussion, (continued)
- Re: BadUSB discussion Eddie Chapman (Aug 08)
- Re: BadUSB discussion Greg KH (Aug 08)
- Re: BadUSB discussion Eddie Chapman (Aug 08)
- Re: BadUSB discussion Greg KH (Aug 08)
- Re: BadUSB discussion Eddie Chapman (Aug 08)
- Re: BadUSB discussion lazytyped (Aug 09)
- Re: BadUSB discussion Dean Pierce (Aug 08)
- Re: BadUSB discussion Greg KH (Aug 08)
- Re: BadUSB discussion (GalaxyMaster) (Aug 08)
- Re: BadUSB discussion Yves-Alexis Perez (Aug 08)
- Re: BadUSB discussion Yves-Alexis Perez (Aug 08)
- Re: BadUSB discussion Greg KH (Aug 08)
- Re: BadUSB discussion Yves-Alexis Perez (Aug 08)
- Re: BadUSB discussion Greg KH (Aug 08)
- Re: BadUSB discussion Yves-Alexis Perez (Aug 09)
- Re: BadUSB discussion Vincent Lefevre (Aug 14)
- Re: BadUSB discussion gremlin (Aug 08)
- Re: BadUSB discussion gremlin (Aug 08)
- Re: BadUSB discussion Rich Felker (Aug 08)