[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: security policy / root passwords

On 10/06/13 16:51, Simon McVittie wrote:
> On 10/06/13 15:36, Timo Juhani Lindfors wrote:
>> Simon McVittie <smcv@debian.org> writes:
>>>     * ability to use system-modal prompting or a secure input path
>>>       (partially done by PK under GNOME Shell, likely to get better
>>>       under Wayland, not supported by sudo or su)
>> Not relevant to the current discussion but this got me curious: can the
>> input path really be secure under X11?
> It can at least be a bit more robust against accidentally typing your
> password into the wrong window (although perhaps not secure against
> deliberate abuse by a malicious application) by taking an input grab,
> like the various pinentry-* and ssh-askpass implementations do.
> I'm not sure how far GNOME Shell goes with securing input to
> system-modal dialogs, but again, the fact that it's modal makes it a bit
> more robust against mistakes.

Every copy of jessie could be distributed with one of the red hoods
referred to in this article:


I presume it has some kind of electromagnetic shielding too.

Reply to: