Blocking new devices with UDEV?

[Adrian Crenshaw <irongeek () irongeek com>]

Hi all,
   I'm trying to figure out how to block the install of new USB hardware in
Linux, sort of like how I can do it in Windows:

http://www.irongeek.com/i.php?page=security/locking-down-windows-vista-and-windows-7-against-malicious-usb-devices

I'm using blacklisting Dell stuff by vendor ID as an example, though it's
not my end goal I'm just trying to figure out how things work.

I do a "cat /proc/bus/input/devices" to figure out which keyboard is which,
then a "udevadm info -a -p /class/input/input10" to probe it for strings I
can use in a udev rule. My rule looks like this (I tried two different ones,
and commented things out):

ATTRS{idVendor}=="413c", MODE="0000", RUN+="/opt/kde3/bin/kate"
#ATTR{modalias}=="input:b0003v413Cp2106e0110-e0,1,4,11,14,k71,72,73,74,75,77,79,7A,7B,7C,7D,7E,7F,80,81,82,83,84,85,86,87,88,89,8A,8C,8E,96,98,9E,9F,A1,A3,A4,A5,A6,AD,B0,B1,B2,B3,B4,B7,B8,B9,BA,BB,BC,BD,BE,BF,C0,C1,C2,F0,ram4,l0,1,2,sfw",
MODE="0000", RUN+="/opt/kde3/bin/kate"


Neather seems to do anything. Any ideas? I'm also not sure how to make some
rules override others. Yes, I've seen
http://www.reactivated.net/writing_udev_rules.html#external-run but it's not
really helping me.

Thanks,
Adrian

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com