On 10/06/14 22:30, Poul-Henning Kamp wrote:
In message <201410061956.s96ju8s3089...@fire.js.berklix.net>, "Julian H. Stacey
" writes:

For FreeBSD,
  I guess for serious security, every new device that is connected
  & recognised by /sbin/devd should in future be personaly authorised
  by a human !  One can no longer trust what reports itself to be
  eg a keyboard to actually Be a keyboard, etc.

"no longer" ?

When you could you *ever* trust a USB device about anything ?


You should not assume you can trust hardware :-) Especially removable hardware.

It is possible to add a sysctl to halt the probing of USB devices, so that USB devices can only be detached from the system. The problem is that if the main input is a USB keyboard and that goes away, you have no easy way to recover your system ...

Anyway, USB 2.0 and 1.0 are broadcast based, and technically one device might highjack the traffic of another one.

freebsd-usb@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-usb-unsubscr...@freebsd.org"

Reply via email to