Xserver needs to run as "root" on Linux / was: Re: [Xorg] Server side widgets
Ely Levy
elylevy-xserver at cs.huji.ac.il
Tue Jul 13 08:07:50 PDT 2004
On Tue, 13 Jul 2004, Nicolas Mailhot wrote:
> Le mar, 13/07/2004 à 10:06 -0400, Sean Middleditch a écrit :
>
> > This is why Windows has the "Push ctrl-alt-delete to login" window on
> > most corporate workstations. The kernel and _only_ the kernel can catch
> > and process ctrl-alt-delete.
>
> Assuming the link from the keyboard to the computer and from the
> computer to the screen is safe (which in the brave new wireless world is
> less and less true)
> A minimalist security feature would probably be for the system to ack
> local logins with a passphrase the user entered when his account was
> created. It would not protect against interception but at least you'd
> know the real system was in the loop somewhere.
And someone would just pick over your shoulder and see it?
> The sad fact is you can't really secure a system with as dumb a device
> as a low-cost ps/2 keyboard. That's why smart card readers have a
> dedicated keyboard/display
Ofcourse, but it doesn't mean we are going to cancell passwords cause of
it.
We should do the best we can with the hardware that is there.
> Regards,
>
> --
> Nicolas Mailhot
Ely
More information about the xorg
mailing list