Re: Poisontap security issue of NetworkManager?

On Mon, 21 Nov 2016, Claudius Heine wrote:

On 21.11.2016 13:07, Lubomir Rintel wrote:
On Thu, 2016-11-17 at 12:10 +0100, Claudius Heine wrote:

I think the main issue is, that the network device is automatically
setup via dhcp by tools like NetworkManager & co.

That is a feature. You generally want network connectivity when you
plugin a network adapter with a cable in it.

Yes. And a nice one ;)

It's a nice feature when working at the computer.  What poisontap
is complaining about, however, is that USB ports should not do anything
automatically while the screen is locked.

Now, for a workstation, yes you pretty much want "Lock Screen" to lock
everything down, including USB ports.

However, for a server, you might want an end user to plug in a USB
device during your remote support session without logging in to the

In any case, if there is anything done to lock more than the screen
and keyboard, I think it should be at the udev level - not in
NetworkManager.  The lockscreen/screensaver app needs to tell udev
to stop activating things until unlocked.

Meanwhile, I have to keep taking my laptop into the restroom...

              Stuart D. Gathman <stuart gathman org>
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]