[CentOS] Limiting what devices can pair over Bluetooth?

Tue Jan 14 10:27:52 UTC 2020
James Pearson <james-p at moving-picture.com>

Gordon Messmer wrote:
> On 1/13/20 2:26 AM, James Pearson wrote:
>> Which is a pity, as it's either an all or nothing with Bluetooth,
>> which means we can't use Bluetooth for Wacom tablets without opening
>> up access to file transfer over Bluetooth as well ...
> What is the threat you're trying to mitigate, specifically?  I don't see
> how pairing a tablet would allow file transfers.  An unauthorized device
> can't unilaterally pair with your system.
If you enable Bluetooth on a workstation (by starting the 'bluetooth' 
service), then a normal user on the workstation can (for example) 
transfer files to/from a mobile phone - which is something we don't allow

Users don't have to have any special perms to do this - users can pair 
with any Bluetooth devices they want

i.e. it isn't possible to control what a user can and can't do with 
Bluetooth - so it isn't possible to allow pairing with just particular 
(or classes of) Bluetooth devices

James Pearson