Xserver needs to run as "root" on Linux / was: Re: [Xorg] Server side widgets

Sean Middleditch elanthis at awesomeplay.com
Tue Jul 13 07:06:22 PDT 2004


On Tue, 2004-07-13 at 09:53, Jakub Piotr Cłapa wrote:
> Jon Smirl wrote:

> > The idea of a kernel based login is that it is completely secure and
> > can't be trojaned. A key that can't be intercepted is used to trigger
> > login. The kernel catches this and clears/draws the screen in a way
> > that can't be stopped. The keyboard is then directly read for the login
> > data.
> 
> Looks really Windowish (and fishy) to me...
> 
> Why is this better than x/g/w/xdm? AFAIR from the beginning Unixes used 

I log in.  I make a program that paints a full-screen window identical
to GDM, but it takes the user names/passwords and mails them to me.  A
user sits down, tries to log in, and poof, I stole their login
information.

This is why Windows has the "Push ctrl-alt-delete to login" window on
most corporate workstations.  The kernel and _only_ the kernel can catch
and process ctrl-alt-delete.

I'm not at all convinced that the actual login screen and daemon needs
to be in the kernel at all, but there does need to be a way to 100%
guarantee that you are at the real login screen; kernel-level checks
using a kernel-only key sequence is one way to do this.  Perhaps the
kernel can, upon receiving the key-combination, open a new VT and launch
a specific binary (GDM/KDM/etc) on it?  The only way to trojan that
would be to over-write the login manager binaries or somehow get access
to control a VT owned by root/login-manager-user, which shouldn't be any
easier than cracking the kernel login system, no?

> (min)getty+login for logging in on text terminals and it works without 
> problems (I can even change mingetty to fbgetty to get some fancy 
> graphic into the framebuffer).
> What makes graphic consoles different?

Nothing.  The security problem is there with mingetty as well.  The same
system discussed here could potentially be used to alleviate that
problem as well.

-- 
Sean Middleditch <elanthis at awesomeplay.com>
AwesomePlay Productions, Inc.
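The kernel-only key sequence Sean describes exists on Linux as the Secure Attention Key (SysRq 'k', which kills every process on the active console so that only a fresh getty/login manager can be on it). The script below is an added audit example, not code from the thread or from X.org: it checks the two things a defender controls, the /proc/sys/kernel/sysrq bitmask (1 = everything, or bit value 4 = "keyboard control (SAK, unraw)") and whether the console keymap binds the SAK keysym, as in the kernel's SAK documentation (`control alt keycode 101 = SAK`). The dumpkeys-style sample lines are constructed for the demonstration.

```shell
#!/bin/sh
# Audit: can a user at this console trust a kernel-handled SAK?
# (Added example; the sysrq values and keymap syntax are from the
# Linux kernel docs, the sample keymap lines below are constructed.)

# sysrq_allows_sak VALUE -> exit 0 if SysRq 'k' (SAK) is usable.
# /proc/sys/kernel/sysrq: 0 = off, 1 = all functions, otherwise a bitmask
# in which 4 enables keyboard control (SAK, unraw).  A distro default
# such as 176 (sync + remount + reboot only) leaves SAK disabled.
sysrq_allows_sak() {
    v=$1
    case "$v" in ''|*[!0-9]*) return 1 ;; esac   # not a number -> unusable
    [ "$v" -eq 1 ] && return 0
    [ $(( v & 4 )) -ne 0 ]
}

# keymap_has_sak: read dumpkeys(1)-style lines on stdin, print every
# binding whose keysym is SAK, exit 0 if at least one exists.
# Accepted shape: [modifier ...] keycode N = SAK
keymap_has_sak() {
    grep -E '^[[:space:]]*([a-z]+[[:space:]]+)*keycode[[:space:]]+[0-9]+[[:space:]]*=[[:space:]]*SAK[[:space:]]*$'
}

# Constructed sample of console keymap output (the last line is the
# binding recommended in the kernel's SAK documentation).
SAMPLE_KEYMAP='keycode  28 = Return
	alt	keycode  28 = Meta_Return
keycode 101 = Break
	control	alt	keycode 101 = SAK'

# audit_live: run both checks against the running system; prints a
# verdict and exits 0 only when both hold.  Not called automatically.
audit_live() {
    sysrq_value=$(cat /proc/sys/kernel/sysrq 2>/dev/null || echo 0)
    ok=0
    if sysrq_allows_sak "$sysrq_value"; then
        echo "sysrq=$sysrq_value: SAK permitted"
    else
        echo "sysrq=$sysrq_value: SAK NOT permitted (need 1 or bit 4)"; ok=1
    fi
    if dumpkeys 2>/dev/null | keymap_has_sak; then
        echo "keymap: SAK chord bound (see line above)"
    else
        echo "keymap: no chord bound to SAK"; ok=1
    fi
    return $ok
}
```

On a real console run `audit_live` from this script; with the constructed sample, `printf '%s\n' "$SAMPLE_KEYMAP" | keymap_has_sak` prints the `control alt keycode 101 = SAK` line.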
