auditing removable media
Richard Guy Briggs
rgb at redhat.com
Tue Jan 21 20:16:54 UTC 2020
Hi Burn, and all,
I've been aware of this issue for a while now, but wasn't directly
working on it. Now that I'm taking a closer look at this issue, I am
wondering how much USBGuard changes the equation?
https://www.kernel.org/doc/Documentation/usb/authorization.txt
https://usbguard.github.io/
https://github.com/USBGuard/usbguard
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-using-usbguard
It has tools to generate baseline lists of devices, but this is only for
usb. Other interfaces would need to be appropriately instrumented.
- RGB
--
Richard Guy Briggs <rgb at redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635
More information about the Linux-audit
mailing list