[PATCH 03/11] Creation of "usb_device_auth" LSM hook
k.opasiak at samsung.com
Mon Jun 12 17:35:06 UTC 2017
On 06/12/2017 06:56 PM, Salvatore Mesoraca wrote:
> Creation of a new LSM hook that can be used to authorize or deauthorize
> new USB devices via the usb authorization interface.
> The same hook can also prevent the authorization of a USB device via
> Using this hook an LSM could provide an higher level of granularity
> than the current authorization interface.
Could you please explain me why we need LSM for this?
There are tools like usbguard and as far as I can tell it looks like
they can do everything for you...
Without kernel modification...
without matching and storing rules inside kernel..
just pure userspace which uses device/interface authorization
1 - https://dkopecek.github.io/usbguard/
Samsung R&D Institute Poland
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive