home | list info | list archive | date index | thread index

Re: how to limit HID qr scanners

On 2020-04-14 11:05, Peter Sjöberg wrote:
> Sounds like you can make the foot pedal send the media buttons, how
> would you prevent it from send anything else that the OS can pick up and
> act on ?
> What I mean is imagine that the foot pedal sends ctrl-alt-del or any
> other key combination - how would you prevent the OS to pick it up? Just
> telling the OS to not react on ctrl-alt-del is not a solution since I
> need to block _all_ combinations.

The OS does not interpret data like that.

You might have an application that opens and reads the HID device, had done some ioctls to see it has some buttons and
maybe one or two valuators, and interprets the meaning of values sent from those buttons or valuators.

If you have the Linux console application running on a keyvoard, it might do something with a combination of buttons
that can be interpreted as a key chord of control+alt+delete being held down. Dunno.  All the OS knows is that the
device has sent a bunch of button-down events for buttons 0x1d, 0x38, and 0x53.  If you application chooses to send an
OS shutdown message when it detects the state of having seen those button-down events without having seen equivalent
button-up events for some amount of de-bounce time, then it does.  Nothing going to stop you.

If you want to stop arbitrary devices from sending arbitrary data to applications from within the kernel, you simply
have to write a device driver and insert it into the handling chain so that when an application does a read() on the
device, those various events get filtered out.  If you want to whitelist some applications, that too can be hooked into

Stephen M. Webb  <stephen [ dot ] webb [ at ] bregmasoft [ dot ] ca>

Attachment: signature.asc
Description: OpenPGP digital signature


message navigation