On Tue, Aug 04, 2009 at 04:53:43PM -0400, Alan Stern wrote:
> On Tue, 4 Aug 2009, anstrad@xxxxxxxxx wrote:
>
> > Hi
> > i teach computer science in a high school and i want to use some pc
> > supporting ubuntu or other linux version;
> > from a security point of view i want
> > to prevent students from using usb flash devices to copy files from pc or
> > to
> > copy files in the pc.
> > I wrote this kind of rule for udev (i named it 10-
> > chiavetta-usb.rules)
> >
> > ACTION=="add", KERNEL=="sd[b-z][0-9]*", SUBSYSTEM=="usb",
> > ATTRS{removable}=="True", ATTRS{product}=="?*", NAME="chiavettausb%k",
> > GROUP="
> > root" OWNER="root"
> >
> > but it has a strange behavior: when an unprivileged user
> > (as ubuntu define it) insert a usb flash device the system mount it and
> > create
> > the directory with the owner the current user (not root as specified by the
> > udev rule) and when inserting a second usb flash device the system create
> > the
> > directory but with root as owner denying the access to the user: i want
> > that
> > each inserted usb flash device cannot be mounted by the unprivileged user.
> >
> >
> > What is wrong with my udev rule? I am new with linux and system
> > administration.
>
> Several things are wrong with the rule. The main problem is that it
> specifies the ownership of the USB device, but not the ownership of any
> directories.
You could use this rule to write to the "authorized" file in sysfs for
the USB device to disable it. That is what I have seen other people do.
good luck,
greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
