Well the function of ctrl-alt-del isn't really a kernel issue,
since all it does is sends a signal to the init process. Here,
even though the servers are in a 'secure' location, it calls a
shell script to prevent accidental reboots, ie,
ca:12345:ctrlaltdel:/etc/reboot.sh </dev/tty4 >/dev/tty4
[I only have tty's on 1-3 on the servers]
#!/bin/sh
echo 'Enter password on console 4 (ALT-F4) to reboot.' > /dev/console
echo -n 'Enter password to reboot: '
stty -echo
read pass
stty echo
echo ''
case "$pass"x in
"xyzzy"x)
echo Password ok. Rebooting.
/sbin/shutdown -r -t0 now
;;
*)
echo Password wrong, not rebooting.
;;
esac
(no, the password isn't really xyzzy, but something almost that
simple since people with physical access can just turn it off anyway
and ctrl-alt-del is more friendly).
Anyway the point is that c-a-d isn't kernel-introduced insecurity if the
keyboard is in an insecure location and the computer is in a secure one,
since its behaviour is controlled by the person who configures the machine.
David.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu