We are currently trying to implement a policy that dictates that some users may use usb mass storage devices and others may not. These users can use any device available in the company. Is there any way to implement this in linux (debian)? We have so far disabled globally by preventing the usb_storage module from loading, but this prevents users with permissions to use from doing so. Any suggestion is welcome
Asked
Active
Viewed 60 times
1 Answers
0
If this is on a Debian based system, maybe have a look into plugdev
group permissions.
If that doesn't pan out, the only other thing I can think of is putting the privileged users into a security group and allow them to use sudo
to run modprobe
to load the usb_storage
module or some other command. This isn't ideal since they would have to remember to unload the module as well.
Server Fault
- 3,454
- 7
- 48
- 88