Re: About the login shell
On Tue, 20 Aug 2002, Sean Neakums wrote:
> That came from the Orange Book security guidelines, I believe. The
> idea is that the SAS (secure attention sequence) is not overrideable
> and thus the user can be sure that once the sequence has been entered
> he is communicating with the OS and not with a Trojan. This is quite
> different from typing "login" at the prompt of a program that may or
> may not be the login shell.
I guess my problem is that I don't believe that having the OS trap
ctrl-alt-del, and then using that to start the login is any safer. What
if it is actually a trojaned version of win98? Or what if they used one
of the many, many win2k or winNT exploits to trojan the box. It is a
programmable interrupt, you just overwrite the function pointer the OS
whats to use with your value. So to me, I think it is redundant and
annoying. But I should shut up, because from here I'm just stuborn about
it :)
Jason
Reply to: