| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Jun 2017 21:38:26 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Salvatore Mesoraca <s.mesoraca16@...il.com>
Cc: linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
kernel-hardening@...ts.openwall.com,
Brad Spengler <spender@...ecurity.net>,
PaX Team <pageexec@...email.hu>,
Casey Schaufler <casey@...aufler-ca.com>,
Kees Cook <keescook@...omium.org>,
James Morris <james.l.morris@...cle.com>,
"Serge E. Hallyn" <serge@...lyn.com>, linux-usb@...r.kernel.org
Subject: Re: [PATCH 03/11] Creation of "usb_device_auth" LSM hook
On Mon, Jun 12, 2017 at 06:56:52PM +0200, Salvatore Mesoraca wrote:
> Creation of a new LSM hook that can be used to authorize or deauthorize
> new USB devices via the usb authorization interface.
> The same hook can also prevent the authorization of a USB device via
> "/sys/bus/usb/devices/DEVICE/authorized".
> Using this hook an LSM could provide an higher level of granularity
> than the current authorization interface.
>
> Signed-off-by: Salvatore Mesoraca <s.mesoraca16@...il.com>
> Cc: linux-usb@...r.kernel.org
> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
No, like Krzysztof said, you can already do this today, just fine, from
userspace. I think that support has been there for over a decade now,
why are you not taking advantage of this already?
No need to add extra stuff to the kernel at all to do this, sorry you
implemented all of this for no reason :(
greg k-h
Powered by blists - more mailing lists