Re: Linux login security approaches

Lenart Gabor (lgb@hal2000.hal.vein.hu)
Wed, 9 Dec 1998 12:24:01 +0100


On Wed, Dec 09, 1998 at 08:43:29AM +0100, Clifford Wolf wrote:
> On Tue, 8 Dec 1998, Lenart Gabor wrote:
> > And your idea (and even alt-printscreen-k) has got a problem:
> > the user *CAN* log in when he forgets to check if it's a trojan (by pressing
> > alt-printscreen-k for example). There should be a solution which does not
> > allow beginning the login procedure before the key combo!
> That's just userlevel stuff. You can add a timeout to the login binary.
> As soon as this timeout is reached it will print out a message like
>
> 'Login time out -> please press the SAK'
>
> This would give it the same security level as the NT login. When pressing
> Ctrl-Alt-Del on the NT login screen it gives you the login prompt and
> after a while it switches back to the 'Press Ctrl-Alt-Del to login'
> message.

This looks nice enough I think :) Maybe login can be modified (of course
with a switch to allow selecting between this new and the old policy.
And now it's the sysadm's right to select the right policy for his
environment).

> One could still write a little program which shows a login prompt and hope
> that one user will think that the timeout was not reached till now and
> login without pressing the SAK - but NT has the same problem and your
> kernel-level solution would have too.

The timeout can be a few seconds. After pressing SAK it's easy to begin typing
the password in e.g. one second or so ...

> Ad X11: Ctrl-Alt-Backspace terminates the running X Server and xdm starts
> a new one. That's _exactly_ the same thing as SAK on a terminal. With SAK
> all progs connected to the terminal line will be killed and init starts
> a new login process. It should be easy to add this timeout stuff to the
> xdm login prompt too.

Yeah. Exactly. But the same thing must be implemented here too: some
prompt that you must press ctrl-alt-bs in case of timeout. However this
combo restarts the X server, which can be slow and resource sensitive when
you fail to type your password within e.g. a 2 second timeout, and this "fault" of
yours requires a whole X server restart?

---[ LGB/DC ]------------------[ root@hal2000 ]-----------------[ LINUX ]---
"The truth is out there" "We're living together" "The future is dark."
---[ 88/422022-4602 ]--[ http://www.hal.vein.hu/~lgb ]------[ 87/477074 ]---

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
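
Added example, not part of the original message and not code from any real login program: a sketch in C of the login timeout discussed above, where the prompt gives up after one overall deadline and tells the user to press the SAK again. The function name, the 5 second timeout and the --old-policy switch are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>
enum { PROMPT_TIMEOUT = -1, PROMPT_EOF = -2, PROMPT_TOOLONG = -3 };

static long now_ms(void) {
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return ts.tv_sec * 1000L + ts.tv_nsec / 1000000L;
}

/* Read one line from fd into buf (len >= 1). Returns the line length, or a
 * negative PROMPT_* code. timeout_ms < 0 is the old policy (wait forever).
 * Otherwise the whole line must arrive before a single deadline, so slow
 * typing cannot keep an expired prompt alive. */
int read_line_deadline(int fd, char *buf, size_t len, int timeout_ms) {
    long deadline = now_ms() + timeout_ms;
    size_t n = 0;
    for (;;) {
        long left = timeout_ms < 0 ? -1 : deadline - now_ms();
        if (timeout_ms >= 0 && left <= 0) {
            memset(buf, 0, len);   /* drop any partially typed input */
            return PROMPT_TIMEOUT;
        }
        struct pollfd p = { .fd = fd, .events = POLLIN };
        int r = poll(&p, 1, (int)left);
        if (r < 0 && errno == EINTR) continue;
        if (r == 0) continue;      /* the deadline check above handles expiry */
        char c;
        if (r < 0 || read(fd, &c, 1) <= 0) return PROMPT_EOF;
        if (c == '\n') { buf[n] = '\0'; return (int)n; }
        if (n + 1 >= len) return PROMPT_TOOLONG;
        buf[n++] = c;
    }
}

int main(int argc, char **argv) {
    /* "--old-policy" is a hypothetical switch, not a real login(1) option */
    int timeout_ms = (argc > 1 && !strcmp(argv[1], "--old-policy")) ? -1 : 5000;
    char user[64];
    fputs("login: ", stdout);
    fflush(stdout);
    int r = read_line_deadline(STDIN_FILENO, user, sizeof user, timeout_ms);
    if (r == PROMPT_TIMEOUT)
        puts("\nLogin time out -> please press the SAK");
    return r < 0;
}
```

The timeout only limits how long a genuine prompt stays usable; as the thread notes, it does not stop a look-alike program from drawing its own prompt.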