Disabling USB ports to prevent unauthorized data transfers
Nifty Hat Mitch
mitch48 at sbcglobal.net
Fri Aug 20 07:51:59 UTC 2004
On Wed, Aug 18, 2004 at 09:42:04AM -0500, David L Norris wrote:
> On Wed, 2004-08-18 at 16:28 +0530, Murali Potla wrote:
> > Non-storage devices such as scanners or mice can use the USB port. Any
> > storage device, including cameras, disk drives or handheld devices
> > should not be allowed . Is this possible under Linux (Fedora Core 1).
>
> In /etc/modules.conf you should be able to add:
> alias usb-storage off
>
>
> Or, at worst, erase the usb-storage driver module.
This is almost an inverse google topic. ;)
So many people have trouble mounting USB devices that there is a long
list of archived discussions on how to mount them. Look at the posted
solutions inside out. i.e. as ways to disable the function and read
them for the underlying cause and effect.
The value in this is that you might overlook something if your
requirements are non trivial.
The usb-storage module and device permissions are a good place to start.
Watch out for device renaming.
Permissions and turning automount style services off limits things
such that root access is required. Do you have users with root access
that you need to manage? If so good luck...
Start with a list of necessary usb devices. If the list is short
enough (zero) you can remove or do the module off thing and fully
disable USB.
A tangled list of requirements requires thought.
--
T o m M i t c h e l l
Just say no to 74LS73 in 2004
More information about the fedora-list
mailing list