| |||||||||||||
Shortening the ropeShortening the ropePosted Apr 3, 2009 19:04 UTC (Fri) by joey (subscriber, #328)Parent article: Shortening the rope
Whatever happened to the idea that ctrl-alt-backspace could be used to ensure that one is really interacting with gdm/xdm, and not with a clever password logging imitation?
(Log in to post comments)
Shortening the rope Posted Apr 3, 2009 19:21 UTC (Fri) by yokem_55 (subscriber, #10498) [Link]
Ctl-alt-printscreen-k handles this use case quite well. Comes in handy also when the X server goes completely out to lunch and isn't responding to keyboard inputs.
Shortening the rope Posted Apr 4, 2009 12:28 UTC (Sat) by Trelane (subscriber, #56877) [Link]
except on my netbook, where Ctrl+Fn+Ins+k equates to Ctrl+PrtSc+2
Shortening the rope Posted Apr 3, 2009 19:38 UTC (Fri) by SLi (subscriber, #53131) [Link]
Seriously, SAK is the one thing that is seriously lacking in Linux. The
Windows model of using Ctrl-Alt-delete for an uncatchable (by a non-root) thing always before having to enter a password is really a good thing and prevents malicious programs from capturing things. Although I hear the implementation is not that good, but the idea is a correct one, and the Linux world lacks even the idea. (There's a SAK in Magic SysRq and one can be done with loadkeys, but they are not integrated at all with X/KDE/Gnome/whatever and hence of limited use.)
Shortening the rope Posted Apr 7, 2009 13:34 UTC (Tue) by hmh (subscriber, #3838) [Link]
Properly done SAK should done by the kernel, for it to have a chance of being somewhat secure. It doesn't have to, nor should it be "integrated" to anything: that goes completely against what SAK is supposed to do.
What one should do is to make sure the kernel will select the correct crap for killing, and that it resets the VT (and the keyboard translation mode, damn PeeCee legacy crap) to something that can work with getty for when X doesn't come back up. And to have init or another process supervisor bring gdm/kdm back to life.
For all I know, it even already does the above :-) I should try it one of these days.
Shortening the rope Posted Apr 19, 2009 9:44 UTC (Sun) by TRS-80 (subscriber, #1804) [Link] With GDM at least, the SAK kills the child gdm process on the terminal, but not the parent daemon, which then spawns a new child that starts X. I tested this yesterday, as I needed to restart X to get back the 1.5GB of RAM mozilla had leaked into it. Keyboard-wise X should be using the same translation as the VT thanks to input-hotplug, not that there's a getty on that VT.
Shortening the rope Posted Apr 8, 2009 6:07 UTC (Wed) by daniels (subscriber, #16193) [Link]
Ctrl-Alt-Backspace is not an SAK and never has been, because a malicious program could simply remap the keyboard such that Ctrl-Alt-Backspace didn't terminate, then grab and play around with turning your display off and on to simulate a server restart.
Shortening the rope Posted Apr 10, 2009 18:13 UTC (Fri) by madscientist (subscriber, #16861) [Link]
I think the point being made here is that there would be NO WAY to override this, including key remapping (well,there's nothing we can do about someone performing hardware hacks on your keyboard :-)). Or, probably preferably, you could override those keys individually but when pressed together they always trigger that particular event regardless of remapping.
Obviously, the choice of CTRL, ALT, and BACKSPACE for this purpose is sub-optimal for many reasons, not least of which is that they are often remapped.
|
|||||||||||||