Re: About the login shell

To: Sean Neakums <sneakums@zork.net>
Cc: debian-hurd@lists.debian.org
Subject: Re: About the login shell
From: Jason Dagit <dagit@engr.orst.edu>
Date: Tue, 20 Aug 2002 09:57:14 -0700 (PDT)
Message-id: <[🔎] Pine.GSO.4.44.0208200951410.19865-100000@eel.ENGR.ORST.EDU>
In-reply-to: <[🔎] 6uvg66rln1.fsf@zork.zork.net>

On Tue, 20 Aug 2002, Sean Neakums wrote:

> That came from the Orange Book security guidelines, I believe.  The
> idea is that the SAS (secure attention sequence) is not overrideable
> and thus the user can be sure that once the sequence has been entered
> he is communicating with the OS and not with a Trojan.  This is quite
> different from typing "login" at the prompt of a program that may or
> may not be the login shell.

I guess my problem is that I don't believe that having the OS trap
ctrl-alt-del, and then using that to start the login is any safer.  What
if it is actually a trojaned version of win98?  Or what if they used one
of the many, many win2k or winNT exploits to trojan the box.  It is a
programmable interrupt, you just overwrite the function pointer the OS
whats to use with your value.  So to me, I think it is redundant and
annoying.  But I should shut up, because from here I'm just stuborn about
it :)

Jason

Reply to:

Follow-Ups:
- Re: About the login shell
  - From: Moritz Schulte <moritz@duesseldorf.ccc.de>
- Re: About the login shell
  - From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>

References:
- Re: About the login shell
  - From: Sean Neakums <sneakums@zork.net>

Prev by Date: Re: How does it go on the AGP-bus front?
Next by Date: Re: About the login shell
Previous by thread: Re: About the login shell
Next by thread: Re: About the login shell
Index(es):
- Date
- Thread