[CentOS] Limiting what devices can pair over Bluetooth?

Wed Jan 15 14:02:38 UTC 2020
James Pearson <james-p at moving-picture.com>

Phil Perry wrote:
>>> What is the threat you're trying to mitigate, specifically?  I don't see
>>> how pairing a tablet would allow file transfers.  An unauthorized device
>>> can't unilaterally pair with your system.
>> If you enable Bluetooth on a workstation (by starting the 'bluetooth'
>> service), then a normal user on the workstation can (for example)
>> transfer files to/from a mobile phone - which is something we don't allow
>> Users don't have to have any special perms to do this - users can pair
>> with any Bluetooth devices they want
>> i.e. it isn't possible to control what a user can and can't do with
>> Bluetooth - so it isn't possible to allow pairing with just particular
>> (or classes of) Bluetooth devices
> Is it possible to control behaviour with udev rules?

No idea - I haven't found anything that allows you to 'control' 
Bluetooth - including any mention of udev rules

I have no idea if udev could be used in this way - nor where to start in 
creating possible udev rules :-)

I asked my original question on the linux-bluetooth email list - and the 
only suggestion was hacking the Bluetooth kernel modules to 'filter 
connection requests at the PSM level' ...


James Pearson