Re: Linux login security approaches

thomasz@hostmaster.org
Tue, 8 Dec 1998 00:33:47 +0100


> Some hours ago we had a discussion on Linux security, here at the University.
> I mentioned that Linux has got a weak point: every user can write a fake
> login program and even the system administrator can think that it's mgetty
> and type the root password :( This kind of Trojan programs can be preceded.
> We should define a key combination which is unmaskable by ANY process, and
> login procedures should begin by pressing this combo. However I was told that
> this is "an NT way" solution, but I disagree. (I don't know anything on
> NT before I've hopefully never used it :) But the idea is great. The fact

This is a required feature for C2 level security certification.
Microsoft used to use the Ctrl-Alt-Del combo in Windows NT because it triggers an unmaskable interrupt.
This feature will be gone in Windows NT Workstation 5.0 (2000).
I believe that Linux can do special processing for any combo.
You could either use existing Magic SysRq functionality: Alt-SysRq-k or write a simple program which captures the Ctrl-Alt-Del combo via init and kills all processes assigned to the current VC (don't know how to figure out).
In either way you introduce a big insecurity because programs like vlock or xlock won't be reliable any longer (the same problem as in Win3 beta).

Thomas

-------------------------------------------------
T h o m a s Z e h e t b a u e r ( TZ251 )
PGP encrypted mail preferred - KeyID 96FFCB89
mail pgp-key-request@hostmaster.org
-------------------------------------------------
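
The message above leaves open how to work out which processes belong to a given VC. The following is an added example, not part of the original message: it decodes the packed `tty_nr` field of `/proc/<pid>/stat` (layout as documented in proc(5), an assumption for the kernel in use) and lists the processes whose controlling terminal is `/dev/tty<vc>`. The function names and the sample lines are constructed for illustration.

```python
TTY_MAJOR = 4       # Linux major number shared by virtual consoles and legacy serial ttys
MAX_VC_MINOR = 63   # minors 1..63 are tty1..tty63; 64 and up are serial lines

def decode_tty_nr(tty_nr):
    """Split the packed tty_nr from /proc/<pid>/stat into (major, minor)."""
    major = (tty_nr >> 8) & 0xFF
    minor = (tty_nr & 0xFF) | ((tty_nr >> 12) & 0xFFF00)
    return major, minor

def parse_stat(line):
    """Return (pid, comm, tty_nr) from one /proc/<pid>/stat line.

    comm is chosen by the process and may contain spaces and parentheses,
    so the split must happen on the LAST ')' in the line.
    """
    head, _, tail = line.rpartition(")")
    pid_str, _, comm = head.partition(" (")
    fields = tail.split()  # state ppid pgrp session tty_nr ...
    return int(pid_str), comm, int(fields[4])

def processes_on_vc(stat_lines, vc):
    """List (pid, comm) of processes whose controlling terminal is /dev/tty<vc>."""
    if not 1 <= vc <= MAX_VC_MINOR:
        raise ValueError("virtual console number must be 1..63")
    hits = []
    for line in stat_lines:
        pid, comm, tty_nr = parse_stat(line)
        if decode_tty_nr(tty_nr) == (TTY_MAJOR, vc):
            hits.append((pid, comm))
    return hits

# Constructed sample lines (cut to the leading fields), not taken from a real system.
SAMPLE_STAT = [
    "412 (mgetty) S 1 412 412 1025 412 4194560",            # tty1
    "977 (fake login) S) S 950 977 950 1025 977 4194304",   # tty1, misleading comm
    "1203 (bash) S 1200 1203 1203 1026 1203 4194304",       # tty2
    "1300 (xterm) S 1 1300 1300 34816 1300 4194304",        # pts/0 (major 136)
    "2 (kthreadd) S 0 0 0 0 -1 2129984",                    # no controlling tty
]

if __name__ == "__main__":
    for pid, comm in processes_on_vc(SAMPLE_STAT, 1):
        print(pid, comm)
```

On a live system the same functions can be fed the contents of each `/proc/<pid>/stat` file instead of `SAMPLE_STAT`.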


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/