[Bug 237721] Re: Secure attention key

Robert Ancell robert.ancell at canonical.com
Sun Oct 13 21:16:54 UTC 2013


** Changed in: lightdm
       Status: New => Triaged

** Changed in: lightdm
   Importance: Undecided => Wishlist

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/237721

Title:
  Secure attention key

Status in GDM: The Gnome Display Manager:
  New
Status in KDE Base Components:
  Confirmed
Status in Light Display Manager:
  Triaged
Status in “gdm” package in Ubuntu:
  Confirmed
Status in “kdebase-workspace” package in Ubuntu:
  Won't Fix
Status in “lightdm” package in Ubuntu:
  New
Status in “ubuntu-meta” package in Ubuntu:
  Invalid
Status in “xdm” package in Ubuntu:
  Won't Fix

Bug description:
  Binary package hint: gdm

  In many environments computers are left unattended (e.g. schools,
  libraries, etc) and people can launch applications which mimic the
  look-and-feel of the login application (GDM) in order to get the users
  username and password.

  This is called login spoofing.
  * http://en.wikipedia.org/wiki/Login_spoofing

  Login spoofing can be prevented by using a secure attention key which is a key combination pressed before the user login to launch the password request dialog. This key can only be seen by the kernel, and not sniffed by any application.
  * http://en.wikipedia.org/wiki/Secure_attention_key

To manage notifications about this bug go to:
https://bugs.launchpad.net/gdm/+bug/237721/+subscriptions



More information about the foundations-bugs mailing list