On Mon, 7 Dec 1998 14:41:43 +0100, Lenart Gabor
<lgb@hal2000.hal.vein.hu> said:
> Some hours ago we had a discuss on Linux security, here at the University.
> I mentioned that Linux has got a weak point : every user can write a fake
> login program and even the system administrator can think that it's mgetty
> and type the root password :( This kind of Trojan programs can be preceded.
> We should define a key combination which is unmaskable by ANY process, and
> login procedures should begin by pressing this combo.
It is called "secure attention key". For serial logins, you get a SAK
by sending a break (assuming you have enabled SAK: "man setserial").
For console logins, you need to enable alt-sysreq when you compile the
kernel, and "alt-sysrq-k" is the SAK key (see
linux/Documentation/sysrq.txt).
--Stephen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/