Am 10.12.2015 um 17:02 schrieb Michael H michael@wemoto.com:
On 10/12/15 15:49, Leon Fauster wrote:
Am 10.12.2015 um 11:11 schrieb Michael H michael@wemoto.com:
On 10/12/15 10:02, Leon Fauster wrote: I've achieved disabling USB devices and then allowing specific vendors / products using UDEV rules.
How can I disable PTP automounting without removing the libgphoto2 package?
We are allowing a specific set of usb devices to be used in the company, one of the things we want to block is any kind of file transfer between mobile devices and our systems. Unfortunately it's not just a complete block on devices.
A legitimately approach but from a security point of view its not the best one. No authentication, no authorization mechanism and USB IDs can be forgeable.
We are simply trying to block people who are unaware their phone may be compromised. We understand that if someone puts their mind to it they will still be able to get past the udev rules but it's a good starting point.
any clues on disabling PTP (photo transfer protocol) without removing the libgphoto2 package?
I have not handled such scenario but I would take a closer look at that functionality; like these files of libgphoto2 (EL6)
/usr/lib64/libgphoto2/2.4.7/ptp2.so /usr/lib64/libgphoto2_port/0.8.0/ptpip.so /usr/lib64/udev/check-ptp-camera
/usr/lib64/udev/check-mtp-device /usr/lib64/udev/check-ptp-camera /lib/udev/rules.d/40-libgphoto2.rules
the former ones looks like "plugins" for libgphoto2 the latter ones seems to control such functionality
your solution should be repackaged or enforced on every libgphoto2 update ...
-- LF