[Bug 237721] Re: Secure attention key
Robert Ancell
robert.ancell at canonical.com
Sun Oct 13 21:16:54 UTC 2013
** Changed in: lightdm
Status: New => Triaged
** Changed in: lightdm
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/237721
Title:
Secure attention key
Status in GDM: The Gnome Display Manager:
New
Status in KDE Base Components:
Confirmed
Status in Light Display Manager:
Triaged
Status in “gdm” package in Ubuntu:
Confirmed
Status in “kdebase-workspace” package in Ubuntu:
Won't Fix
Status in “lightdm” package in Ubuntu:
New
Status in “ubuntu-meta” package in Ubuntu:
Invalid
Status in “xdm” package in Ubuntu:
Won't Fix
Bug description:
Binary package hint: gdm
In many environments computers are left unattended (e.g. schools,
libraries, etc) and people can launch applications which mimic the
look-and-feel of the login application (GDM) in order to get the users
username and password.
This is called login spoofing.
* http://en.wikipedia.org/wiki/Login_spoofing
Login spoofing can be prevented by using a secure attention key which is a key combination pressed before the user login to launch the password request dialog. This key can only be seen by the kernel, and not sniffed by any application.
* http://en.wikipedia.org/wiki/Secure_attention_key
To manage notifications about this bug go to:
https://bugs.launchpad.net/gdm/+bug/237721/+subscriptions
More information about the foundations-bugs
mailing list