[systemd-devel] Udev hardening

Adi Ml maladi1747 at gmail.com
Mon Dec 14 15:31:17 UTC 2020


I am using udev in order to create a kiosk mode. I want to block devices
which fit a certain vid pid. I want to filter system calls anyway because I
don't know which devices are entered and I want to avoid devices which will
do unusual things like rubber ducky.

What do you mean by filtering system calls in scripts? Is it needed when
the user can influence actions committed in the script?

On Mon, 14 Dec 2020 at 16:45, Greg KH <gregkh at linuxfoundation.org> wrote:

> On Mon, Dec 14, 2020 at 04:30:58PM +0200, Adi Ml wrote:
> > Hi,
> > Is there some way to detect which system calls, I am using in udev (in
> > order to filter it)?
>
> I don't understand, if you don't know what system calls you are needing,
> why do you need to filter anything?  Do you not trust udev to work
> properly?
>
> > I do not use any script, I just echo 0 to the authorized file in the
> > device connected in order to disable it when it is not the wanted
> > device (the match is based on serial number, vid, pid)
>
> Udev calls loads of helper tools in order to generate persistent names.
> If you don't have any udev rules that call anything, then what do you
> need udev for?
>
> thanks,
>
> greg k-h
>
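
Added example, not part of the original thread and not code from udev or systemd: one way to do the allowlist check described above (match on vid, pid and serial, otherwise write 0 to the device's authorized file) as a small helper that fails closed. The names usb_decide, usb_enforce and ALLOWLIST, the script path in the comment and the allowlist entries are assumptions made for illustration.

```shell
#!/bin/sh
# Hypothetical helper. It could be started from a udev rule such as:
#   ACTION=="add", SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", \
#     RUN+="/usr/local/sbin/usb-allow.sh /sys%p"
# (script path is an assumption; %p is the udev devpath substitution)

# Constructed sample entries, one "vid:pid:serial" per line.
ALLOWLIST='046d:c31c:KIOSK-KBD-0001
0781:5583:KIOSK-STICK-0002'

# read_attr DIR NAME: print a sysfs attribute without its newline,
# or nothing when the attribute does not exist.
read_attr() {
    if [ -r "$1/$2" ]; then tr -d '\n' < "$1/$2"; fi
    return 0
}

# usb_decide DEVDIR: print "allow" or "deny" for one USB device directory.
# idVendor, idProduct and serial are whatever the device reports, so a
# match confirms a claimed identity only.
usb_decide() {
    vid=$(read_attr "$1" idVendor)
    pid=$(read_attr "$1" idProduct)
    serial=$(read_attr "$1" serial)
    # Fail closed: a device with a missing field can never match.
    if [ -z "$vid" ] || [ -z "$pid" ] || [ -z "$serial" ]; then
        echo deny
        return 0
    fi
    # -F fixed string, -x whole line: no prefix or regex matches.
    if printf '%s\n' "$ALLOWLIST" | grep -Fxq -- "$vid:$pid:$serial"; then
        echo allow
    else
        echo deny
    fi
}

# usb_enforce DEVDIR: deauthorize the device when it is not allowlisted.
usb_enforce() {
    decision=$(usb_decide "$1")
    if [ "$decision" = deny ]; then
        echo 0 > "$1/authorized" || return 1
    fi
    echo "$decision"
}

# Stand-alone use: usb-allow.sh /sys/bus/usb/devices/1-2
if [ "$#" -gt 0 ]; then usb_enforce "$1"; fi
```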