[CentOS] Limiting what devices can pair over Bluetooth?

Thu Jan 16 10:49:23 UTC 2020
Leon Fauster <leonfauster at googlemail.com>

Am 15.01.20 um 15:02 schrieb James Pearson:
> Phil Perry wrote:
>>>> What is the threat you're trying to mitigate, specifically?  I don't 
>>>> see
>>>> how pairing a tablet would allow file transfers.  An unauthorized 
>>>> device
>>>> can't unilaterally pair with your system.
>>> If you enable Bluetooth on a workstation (by starting the 'bluetooth'
>>> service), then a normal user on the workstation can (for example)
>>> transfer files to/from a mobile phone - which is something we don't 
>>> allow
>>> Users don't have to have any special perms to do this - users can pair
>>> with any Bluetooth devices they want
>>> i.e. it isn't possible to control what a user can and can't do with
>>> Bluetooth - so it isn't possible to allow pairing with just particular
>>> (or classes of) Bluetooth devices
>> Is it possible to control behaviour with udev rules?
> No idea - I haven't found anything that allows you to 'control' 
> Bluetooth - including any mention of udev rules
> I have no idea if udev could be used in this way - nor where to start in 
> creating possible udev rules :-)
> I asked my original question on the linux-bluetooth email list - and the 
> only suggestion was hacking the Bluetooth kernel modules to 'filter 
> connection requests at the PSM level' ...

Whats the bus that your BT is connected to, USB?