Kevin Faulkner wrote:
Fajar Priyanto wrote:
On Friday 23 May 2008 14:16:45 whoami i wrote:
This is my first mail to this mailing list.I want to block external usb storage completly on my server running on centos 5 having confidiential data.
- unplug any usb storage
- rmmod ehci_hcd
- add a line in /etc/modprobe.d/blacklist
blacklist ehci_hcd
Wouldn't that prevent him from using USB as a whole? perhaps a udev rule would play nicely here.
Yeah, a udev setting 660 or 600 perms to usb devices would only allow admins or admins + those in a "trusted group" to use USB devices.
You would also need to make sure the rules under /etc/security don't override those set by udev.
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.