[Bug 237721] Re: Secure attention key
Thomas Hotz
237721 at bugs.launchpad.net
Wed May 1 08:55:33 UTC 2013
** Changed in: gdm (Ubuntu)
Assignee: Ubuntu Desktop Bugs (desktop-bugs) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/237721
Title:
Secure attention key
Status in KDE Base Components:
Confirmed
Status in “gdm” package in Ubuntu:
New
Status in “kdebase-workspace” package in Ubuntu:
Won't Fix
Status in “ubuntu-meta” package in Ubuntu:
Invalid
Status in “xdm” package in Ubuntu:
Won't Fix
Bug description:
Binary package hint: gdm
In many environments computers are left unattended (e.g. schools,
libraries, etc) and people can launch applications which mimic the
look-and-feel of the login application (GDM) in order to get the users
username and password.
This is called login spoofing.
* http://en.wikipedia.org/wiki/Login_spoofing
Login spoofing can be prevented by using a secure attention key which is a key combination pressed before the user login to launch the password request dialog. This key can only be seen by the kernel, and not sniffed by any application.
* http://en.wikipedia.org/wiki/Secure_attention_key
To manage notifications about this bug go to:
https://bugs.launchpad.net/kde-baseapps/+bug/237721/+subscriptions
More information about the foundations-bugs
mailing list