[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: trust [was Re: Open Xlock as root]



On Tue, 14 Dec 1999, Savochkin Andrey Vladimirovich wrote:

> > What makes vlock resistant to the attack I described (reminder: use a big
> > hammer to terminate the locked session and run your own "bugged" version
> > pretending to be the old one)?

> Ok, ok.  Nothing makes it resistant (at least I don't know how to do it).

Well, because 'vlock -a' locks *all* the virtual consoles (and there's no
magic key to break out of it--it wouldn't be a very good console lock if
there was), the hammer the attacker would need to terminate the locked
session would be one serious Hammer of Pok.  Specifically, the attacker
would have to be able to reboot the machine.  So, if there's sufficient
physical security in place, then vlock *is* resistant to such an attack.

-Steve Langasek
postmodern programmer




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []