| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9ca2c058-d562-4c9e-8d0c-695703573ed7@suse.com> Date: Mon, 30 Jun 2025 15:07:00 +0200 From: Oliver Neukum <oneukum@...e.com> To: Nicolas Bouchinet <nicolas.bouchinet@....cyber.gouv.fr>, Oliver Neukum <oneukum@...e.com>, Greg Kroah-Hartman <gregkh@...uxfoundation.org> Cc: Alan Stern <stern@...land.harvard.edu>, Kannappan R <r.kannappan@...el.com>, Sabyrzhan Tasbolatov <snovitoll@...il.com>, Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>, Stefan Eichenberger <stefan.eichenberger@...adex.com>, Thomas Gleixner <tglx@...utronix.de>, Pawel Laszczak <pawell@...ence.com>, Ma Ke <make_ruc2021@....com>, Jeff Johnson <jeff.johnson@....qualcomm.com>, Luc Bonnafoux <luc.bonnafoux@....gouv.fr>, Luc Bonnafoux <luc.bonnafoux@....cyber.gouv.fr>, Nicolas Bouchinet <nicolas.bouchinet@....gouv.fr>, linux-kernel@...r.kernel.org, linux-usb@...r.kernel.org Subject: Re: [RFC PATCH 3/4] usb: core: Plug the usb authentication capability Hi, On 30.06.25 14:34, Nicolas Bouchinet wrote: > Hi Olivier, > > Thank you for your review. > > Indeed our current implementation of the usb authentication is still a bit > crude. that is understood, but the question here is not just whether they are crude, but whether they are sensible. You are putting the use of the authentication code in usb_new_device(). This means that the admin cannot change the settings of currently connected devices. It would seem to me that the check should go into usb_claim_interface(). Regards Oliver
Powered by blists - more mailing lists