[Bug 237721] Re: Secure attention key

[Fred]

** Also affects: unity-system-compositor (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: unity-system-compositor
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/237721

Title:
  Secure attention key

Status in gdm:
  New
Status in KDE Base:
  Confirmed
Status in Light Display Manager:
  Won't Fix
Status in Unity System Compositor:
  New
Status in gdm package in Ubuntu:
  Confirmed
Status in kdebase-workspace package in Ubuntu:
  Won't Fix
Status in lightdm package in Ubuntu:
  Won't Fix
Status in ubuntu-meta package in Ubuntu:
  Invalid
Status in unity-system-compositor package in Ubuntu:
  New
Status in xdm package in Ubuntu:
  Won't Fix

Bug description:
  Binary package hint: gdm

  In many environments computers are left unattended (e.g. schools,
  libraries, etc) and people can launch applications which mimic the
  look-and-feel of the login application (GDM) in order to get the users
  username and password.

  This is called login spoofing.
  * http://en.wikipedia.org/wiki/Login_spoofing

  Login spoofing can be prevented by using a secure attention key which is a key combination pressed before the user login to launch the password request dialog. This key can only be seen by the kernel, and not sniffed by any application.
  * http://en.wikipedia.org/wiki/Secure_attention_key

To manage notifications about this bug go to:
https://bugs.launchpad.net/gdm/+bug/237721/+subscriptions