Re: Linux login security approaches

Neil Conway (nconway.list@ukaea.org.uk)
Tue, 8 Dec 1998 13:28:12 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jochen Heuer: "Re: Linux 2.1.131ac5 released"
Previous message: Jon Wikne: "2.1.131 swapping oops"

thomasz@hostmaster.org wrote:
>
> > Some hours ago we had a discuss on Linux security, here at the University.
> > I mentioned that Linux has got a weak point : every user can write a fake
> > login program and even the system administrator can think that it's mgetty
> > and type the root password :( This kind of Trojan programs can be preceded.
> > We should define a key combination which is unmaskable by ANY process, and
> > login procedures should begin by pressing this combo. However I was told that
> > this is "an NT way" solution, but I disagree. (I don't know anything on
> > NT before I've hopefully never used it :) But the idea is great. The fact
>
> This is a required feature for C2 level security certification.
> Microsoft used to use the Ctrl-Alt-Del combo in Windows NT because it triggers an unmaskable interrupt.
> This feature will be gone in Windows NT Workstation 5.0 (2000).

Why will the feature be removed ? Thus losing C2 certifiability for
NT??

Linux needs some sort of "SAK" - someone else pointed out that it's
already doable with serial lines. How about with X? Does one simply do
"C-A-Backspace"?

How are people dealing with this at present?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jochen Heuer: "Re: Linux 2.1.131ac5 released"
Previous message: Jon Wikne: "2.1.131 swapping oops"