"Ctrl-Alt-Del to login" important for security?
Pete Ryland
pdr at pdr.cx
Thu Mar 2 13:35:28 GMT 2006
On Thu, Mar 02, 2006 at 11:19:56AM +0100, Scott James Remnant wrote:
> On Thu, 2006-03-02 at 01:01 +0000, Pete Ryland wrote:
>
> > Just wanted to make the point in case it wasn't known that the reason
> > Ctrl-Alt-Del is special is because on the PC it triggers a hardware
> > interrupt when pressed, which only the kernel is privvy to (as with SysReq
> > too btw).
Ah balls, this is actually not quite true. Just did a poke around about
this one, and it seems that they are actually software interrupts generated
by the BIOS's keyboard interrupt handler. Since Linux (and I'd guess modern
Windows too) replaces the BIOS keyboard handlers with its own it is only
special now because people are familiar with the combination.
> Obviously here in the Real World we don't like to put things like X and
> gdm into the kernel <g>
>
> So a typical implementation could be:
>
> - modify /etc/inittab, change the "ca:" line to run a dbus helper (or
> other IPC trick) to send a message on the bus
> - make gdm listen for that, and not show the login dialog until it
> appears
>
> The obvious flaw here is that you've now reduced the security from "only
> the kernel can" to "anyone who can get root can"
Considering anyone with root can usually control/replace the kernel, it's
about the same anyway. And still better than the current "anyone with a
login can".
Pete
--
"If you could do Java over again, what would you change?"
"I'd leave out classes" - James Gosling, at a Java User Group
More information about the sounder
mailing list