[CentOS] Blocking external usb storage
Ross S. W. Walker
rwalker at medallion.com
Wed Jun 4 15:43:41 UTC 2008
Kevin Faulkner wrote:
> Fajar Priyanto wrote:
> > On Friday 23 May 2008 14:16:45 whoami i wrote:
> >> This is my first mail to this mailing list.I want to block external usb
> >> storage completly on my server running on centos 5 having confidiential
> >> data.
> >
> > 1. unplug any usb storage
> > 2. rmmod ehci_hcd
> > 3. add a line in /etc/modprobe.d/blacklist
> > blacklist ehci_hcd
>
> Wouldn't that prevent him from using USB as a whole?
> perhaps a udev rule would play nicely here.
Yeah, a udev setting 660 or 600 perms to usb devices would
only allow admins or admins + those in a "trusted group" to
use USB devices.
You would also need to make sure the rules under /etc/security
don't override those set by udev.
-Ross
______________________________________________________________________
This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged
and/or confidential information. If you are not the intended recipient
of this e-mail, you are hereby notified that any dissemination,
distribution or copying of this e-mail, and any attachments thereto,
is strictly prohibited. If you have received this e-mail in error,
please immediately notify the sender and permanently delete the
original and any copy or printout thereof.
More information about the CentOS
mailing list