Re: Linux login security approaches

David Monniaux (monniaux@clipper.ens.fr)
Sun, 13 Dec 1998 16:33:27 +0100 (MET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Krzysztof G. Baranowski: "Re: wanpipe module has unresolved symbols"
Previous message: Jes Sorensen: "Re: PATCH: Raw device IO for 2.1.131"

I may be naive, but doesn't the following fulfill the purported security
goal, ie making sure that the prompt on the screen is actually the correct
getty/login one and not a Trojan: add to the kernel some key combination
that kills all processes operating on the current virtual console?

My .02 Euro.

-- David

PS: I know that if you let people gain physical access to a machine, it
can get compromised. However, BIOS and LILO passwords make it quite
difficult, since it means either screwing the OS or opening the case of
the computer. There are many contexts where typing things on the computer
to get access through a security hole may be doable but not opening the
case, like a computer room in an university (where people are expected to
type things on machines but not open them unless they are tech support).

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Krzysztof G. Baranowski: "Re: wanpipe module has unresolved symbols"
Previous message: Jes Sorensen: "Re: PATCH: Raw device IO for 2.1.131"