Am 10.12.2015 um 17:02 schrieb Michael H <michael@xxxxxxxxxx>:
>
> On 10/12/15 15:49, Leon Fauster wrote:
>> Am 10.12.2015 um 11:11 schrieb Michael H <michael@xxxxxxxxxx>:
>>>
>>>
>>> On 10/12/15 10:02, Leon Fauster wrote:
>>> I've achieved disabling USB devices and then allowing specific vendors /
>>> products using UDEV rules.
>>>
>>> How can I disable PTP automounting without removing the libgphoto2 package?
>>>
>>> We are allowing a specific set of usb devices to be used in the company,
>>> one of the things we want to block is any kind of file transfer between
>>> mobile devices and our systems. Unfortunately it's not just a complete
>>> block on devices.
>>
>>
>>
>> A legitimately approach but from a security point of view its not the best one.
>> No authentication, no authorization mechanism and USB IDs can be forgeable.
>
> We are simply trying to block people who are unaware their phone may be
> compromised. We understand that if someone puts their mind to it they
> will still be able to get past the udev rules but it's a good starting
> point.
>
> any clues on disabling PTP (photo transfer protocol) without removing
> the libgphoto2 package?
I have not handled such scenario but I would take a closer
look at that functionality; like these files of libgphoto2 (EL6)
/usr/lib64/libgphoto2/2.4.7/ptp2.so
/usr/lib64/libgphoto2_port/0.8.0/ptpip.so
/usr/lib64/udev/check-ptp-camera
/usr/lib64/udev/check-mtp-device
/usr/lib64/udev/check-ptp-camera
/lib/udev/rules.d/40-libgphoto2.rules
the former ones looks like "plugins" for libgphoto2
the latter ones seems to control such functionality
your solution should be repackaged or enforced on
every libgphoto2 update ...
--
LF
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
