Secure attention Key: Login and GkSudo

staticd staticd.growthecommons at
Sun Oct 30 14:11:04 UTC 2011

> Windows NT is designed so that, unless system security is already
> compromised in some other way, only the Winlogon process, a trusted
> system process, can receive notification of this keystroke
> combination. This is because the kernel remembers the process ID of
> the Winlogon process, and allows only that process to receive the
> notification.
> So says Wikipedia.
> Interestingly, VMWare catches the sequence as well.
I was thinking of a Alt+Sysrq combination capturable only by the kernel.
(Ctrl+Alt+Sysrq ?)

> While it is true that the SAK will trigger a kernel event, it is also
> true that the major method of bypass isn't going to be anything so
> simple as hacking the log-in dialog or gksudo prompt.  No, that won't
> work.
Why won't a well created spoof work? An interface that looks like the login
interface / gksu interface but isn't.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Ubuntu-devel-discuss mailing list