On Thu, 2004-12-16 at 22:44 +0200, ocl wrote: > Ron Johnson wrote on 2004-12-16 18:20: > >>IMO, anything that is likely to bring in, or take out data (inc. > >>binaries) needs to be authorized and authenticated. Linux is no > >>exception. > > > > Here, Linux is at an advantage, since if "IT" doesn't want lusers > > to to able to use thumb drives, iPods, external USB/ieee1394 hard > > drives, etc, then, well: > > # rm /lib/modules/`uname -r`/kernel/drivers/usb/storage/usb-storage.ko > > # rm /lib/modules/`uname -r`/kernel/drivers/ieee1394/sbp2.ko > > # apt-get --purge remove libgphoto2 > > etc, etc. > > That looks like a mallet solution to me. I would like a little > more usable one than unplugging the thing all together ;-) I dunno. Sounds pretty useful to me. > It's not that we won't want to let /them/ *ever* use such > devices, the imperative thing is who + where + when. Some places *do* want such restrictions. > Keywords were 'authorized' and 'authenticated'... I bet that custom udev rules could handle that. -- ----------------------------------------------------------------- Ron Johnson, Jr. Jefferson, LA USA PGP Key ID 8834C06B I prefer encrypted mail. "You may either win your peace or buy it: win it, by resistance to evil; buy it, by compromise with evil." John Ruskin
Attachment:
signature.asc
Description: This is a digitally signed message part