| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 4 Apr 2016 19:47:04 -0700 From: Greg KH <greg@...ah.com> To: Wade Mealing <wmealing@...hat.com> Cc: Steve Grubb <sgrubb@...hat.com>, linux-audit@...hat.com, linux-usb <linux-usb@...r.kernel.org>, linux-kernel@...r.kernel.org Subject: Re: [RFC] Create an audit record of USB specific details On Tue, Apr 05, 2016 at 11:54:07AM +1000, Wade Mealing wrote: > That is a good question, maybe I've been lucky in the devices that I have > been testing with. Most of them seem to be ascii, my assumption was that > shouldn't be a problem. The same encoding function used by the path > audit_log_d_path, definitely audits UTF8 named files: > > # ausearch -i -f /tmp/test/권성주.txt Please look at the USB spec to see the encoding that USB strings are in. They are in UTF-16LE, but we do some manipulation of them in the call to usb_string() to make them semi-readable by the kernel. But, as we aren't doing anything important with these, except printing them out for people to lovingly gaze at, that's just fine. But if you need to do policy decisions based on them, well, you better use the "real" version of the string, otherwise you could run into major problems. But again, please step back, what are the requirements here that you are doing this work for? If it's just for fun, wonderful, but please say so when you post the patches so we don't take them seriously. Well, I'm not taking them seriously now as obviously they will not work, so I guess all is fine :) thanks, greg k-h
Powered by blists - more mailing lists