[rescue] Trusted Path (Was: Sunpc Card)

Patrick Giagnocavo 717-201-3366 patrick at .zill.net
Tue May 21 21:43:56 CDT 2002


On Tue, May 21, 2002 at 09:24:23PM -0400, Loomis, Rip wrote:
> >... when a user wants to login, they could run the software,
> > get the login prompt (I love it, hit the 'reboot' key sequence
> > to login!)
> 
> As a complete aside--there's a good reason why [CTRL][ALT][DEL]
> is used to login, although you have to have a sip of the
> old Orange Book TCSEC Kool-Aid first...
> 
> The logic is that one should only supply authentication info
> via a Trusted Path...to ensure that you're not giving your
> password to a trojan app.  The method that MS picked (given the
> existing x86 architecture) in NT 3.5 was to hook the Non-Maskable
> Interrupt that was already assigned to the three-finger salute.
> No matter what else happens, you know that if something responds
> to [CTRL][ALT][DEL] on an NT[345] system then it's either the
> OS Trusted Path...or your system has been utterly and completely
> compromised.

My understanding is that the Ctrl-Alt-Del combo is only valid under
NT, that is, under Linux or OpenBSD on x86 you would not have the same
situation.

Of course, if you had a re-programmable keyboard you could change the
key assignments, which would then defeat the purpose.

Cordially

Patrick Giagnocavo
patrick at zill.net


