> And your idea (and even alt-printscreen-k) has got a problem :
> user *CAN* login when he forget to check if it's a trojan (by pressing
> alt-printscreen-k for example). There should be a solution which do not
> allow the begin the login procedure before the key combo !
That's just userlevel stuff. You can add a timeout to the login binary.
As soon as this timeout is reached it will print out a message like
'Login time out -> please press the SAK'
This would give it the same security level as the NT login. Whe pressing
Ctrl-Alt-Del on the NT login screen it gives you the login prompt and
after a while it switches back to the 'Press Ctrl-Alt-Del to login'
message.
One could still write a little program which shows a login prompt and hope
that one user will think that the timeout was not reached till now and
login without pressing the SAK - but NT has the same problem and your
kernel-level solution would have too.
Ad X11: Ctrl-Alt-Backspace terminates the running X Server and xdm starts
a new one. That _exaclty_ the same thing as SAK on a terminal. With SAK
all progs connected to the terminal line will be killed and init starts
a new login prozess. It should be easy to add this timeout stuff to the
xdm login promt too.
happy hacking,
- clifford
-- -- -- -- -- -- -- -- -- -- -- -- --
Clifford Wolf (CEO and CTO)
The ROCK Projects Workgoup IRC: IRCnet / clifford
http://www.rock-projects.com/ http://www.clifford.at/
e-mail: c.wolf@rock-projects.com email: god@clifford.at
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/