RE: Linux login security approaches

Myreen Johan (Johan.Myreen@setec.fi)
Thu, 10 Dec 1998 10:01:10 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: German Jose Gomez Garcia: "/dev/dsp busy (was: SB sound FUBAR in Quake2)"
Previous message: Oscar Levi: "Re: linux-kernel-digest V1 #2975"

>All that you guys want is already in there, just no prominently
documented
>or used,
>
>serial lines: enable SAK (man setserial)
>text console: alt-sys-K (less /usr/src/linux/Documentation/sysrq.txt)
>X console: ctl-alt-backspace (man XFree86)

Both the Magic Sysreq Key and C-A-Backspace are
intended to be debugging aids, and not to be used
as Secure Attention Keys. At least that's what their
documented purpose is, C-A-Backspace is an emergency
escape from a wedged XFree86 session, and the Magic
Sysreq Key is a security problem itself.

C-A-Backspace only kills X11, so it does not work
as a SAK if X is started from the shell and not
via xdm from init. You could drop right into a
nice trojan.

Johan Myréen
jem@iki.fi

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: German Jose Gomez Garcia: "/dev/dsp busy (was: SB sound FUBAR in Quake2)"
Previous message: Oscar Levi: "Re: linux-kernel-digest V1 #2975"