<html> <head> <base href="https://bugs.freedesktop.org/" /> </head> <body><span class="vcard"><a class="email" href="mailto:fdo-bugs@cryptobitch.de" title="Tobias Mueller <fdo-bugs@cryptobitch.de>"> <span class="fn">Tobias Mueller</span></a> </span> changed <a class="bz_bug_link bz_status_NEW " title="NEW - RFE: option to lock USB ports when no session is opened" href="https://bugs.freedesktop.org/show_bug.cgi?id=82369">bug 82369</a> <br> <table border="1" cellspacing="0" cellpadding="8"> <tr> <th>What</th> <th>Removed</th> <th>Added</th> </tr> <tr> <td style="text-align:right;">CC</td> <td> </td> <td>fdo-bugs@cryptobitch.de </td> </tr></table> <p> <div> <b><a class="bz_bug_link bz_status_NEW " title="NEW - RFE: option to lock USB ports when no session is opened" href="https://bugs.freedesktop.org/show_bug.cgi?id=82369#c3">Comment # 3</a> on <a class="bz_bug_link bz_status_NEW " title="NEW - RFE: option to lock USB ports when no session is opened" href="https://bugs.freedesktop.org/show_bug.cgi?id=82369">bug 82369</a> from <span class="vcard"><a class="email" href="mailto:fdo-bugs@cryptobitch.de" title="Tobias Mueller <fdo-bugs@cryptobitch.de>"> <span class="fn">Tobias Mueller</span></a> </span></b> <pre>I can see benefits. For one, a keyboard is usually a relatively dumb HID device. So not much harm caused. Especially not if you already had the very same vendorid and productid attached. The attack surface is certainly smaller when only allowing a limited set of (already seen) devices. Spontaneously, that would would be a great security feature for single user machines running contemporary desktops.</pre> </div> </p> <hr> <span>You are receiving this mail because:</span> <ul> <li>You are the QA Contact for the bug.</li> <li>You are the assignee for the bug.</li> </ul> </body> </html>