[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20160405024704.GD13306@kroah.com>
Date: Mon, 4 Apr 2016 19:47:04 -0700
From: Greg KH <greg@...ah.com>
To: Wade Mealing <wmealing@...hat.com>
Cc: Steve Grubb <sgrubb@...hat.com>, linux-audit@...hat.com,
linux-usb <linux-usb@...r.kernel.org>,
linux-kernel@...r.kernel.org
Subject: Re: [RFC] Create an audit record of USB specific details
On Tue, Apr 05, 2016 at 11:54:07AM +1000, Wade Mealing wrote:
> That is a good question, maybe I've been lucky in the devices that I have
> been testing with. Most of them seem to be ascii, my assumption was that
> shouldn't be a problem. The same encoding function used by the path
> audit_log_d_path, definitely audits UTF8 named files:
>
> # ausearch -i -f /tmp/test/권성주.txt
Please look at the USB spec to see the encoding that USB strings are in.
They are in UTF-16LE, but we do some manipulation of them in the call to
usb_string() to make them semi-readable by the kernel.
But, as we aren't doing anything important with these, except printing
them out for people to lovingly gaze at, that's just fine. But if you
need to do policy decisions based on them, well, you better use the
"real" version of the string, otherwise you could run into major
problems.
But again, please step back, what are the requirements here that you are
doing this work for? If it's just for fun, wonderful, but please say so
when you post the patches so we don't take them seriously.
Well, I'm not taking them seriously now as obviously they will not work,
so I guess all is fine :)
thanks,
greg k-h
Powered by blists - more mailing lists