On Sat, 2015-02-21 at 20:07 +0100, U.Mutlu wrote:
> Hi,
> in the following video someone demonstrates a "user mode keylogger":
> https://www.youtube.com/watch?v=Y1fZAZTwyPQ
>
> Is that really possible that a non-admin user can run a program
> to grab all key strokes on the system?
It can grab all key strokes typed in the same X session. (Wayland
servers are likely to be more restrictive.)
> Or is that guy misleadingly demonstrates only a kernel-level keylogger
> that permits the non-admin user to use it?
I don't think so.
> How best to check if a keylogger is running?
There is no good answer to that. There are so many places that a
keylogger could operate - as a standalone application, in the X server,
a library, a driver, the kernel input core, in hardware, ...
Ben.
--
Ben Hutchings
Everything should be made as simple as possible, but not simpler.
- Albert Einstein
Attachment:
signature.asc
Description: This is a digitally signed message part