"Ctrl-Alt-Del to login" important for security?

Robert Collins robertc at robertcollins.net
Thu Mar 2 10:30:34 GMT 2006


On Thu, 2006-03-02 at 11:19 +0100, Scott James Remnant wrote:
> On Thu, 2006-03-02 at 01:01 +0000, Pete Ryland wrote:
> 
> > Just wanted to make the point in case it wasn't known that the reason
> > Ctrl-Alt-Del is special is because on the PC it triggers a hardware
> > interrupt when pressed, which only the kernel is privy to (as with SysReq
> > too btw).
> > 
> That's true, if I recall correctly the Windows kernel traps that and
> itself takes care of bringing up the login dialog.
> 
> Obviously here in the Real World we don't like to put things like X and
> gdm into the kernel <g>
> 
> So a typical implementation could be:
> 
> - modify /etc/inittab, change the "ca:" line to run a dbus helper (or
>   other IPC trick) to send a message on the bus
> - make gdm listen for that, and not show the login dialog until it
>   appears
> 
> The obvious flaw here is that you've now reduced the security from "only
> the kernel can" to "anyone who can get root can"
> 
> 
> Also, hasn't recent Windows abandoned this trick anyway? I'm sure XP just
> lets you click your username when it boots.

In the NT series of kernels it's always been the TCB that takes care of
the login. The GINA interface is (if I am remembering the details
correctly) modular - Netware install their own Netware-aware GINA, for
instance.

What's for sure is that the login screen *does not* run in the kernel;
it's no more isolated from the rest of the system than a process owned by
root.

Rob

-- 
GPG key available at: <http://www.robertcollins.net/keys.txt>.