On Tue, Aug 20, 2002 at 09:57:14AM -0700, Jason Dagit wrote: > I guess my problem is that I don't believe that having the OS trap > ctrl-alt-del, and then using that to start the login is any safer.
The problem is in what you believe, not the object of your belief. Security is not only measured by practical security, but also by theoretical models which make certain assumptions. While the operating system in question might not be practically secure, the theoretical model is sound, and the "magic safe login key sequence" _is_ a necessary feature of every terminal that is shared, both for practical and theoretical security. The other question is if the whole operating system is fake. That is an entirely different issue, though, and has nothing to do with the feature we were discussing. Argueing about that would avoid the question, not answer it, and this would not be a productive form of communication. (You secure the operating system by installing a BIOS password and a boot loader password, and by protecting the computer physically, as well as all privileged access to it. ALL other operations, including the fact that you need to login at all, assume that the operating system is untampered). Thanks, Marcus -- `Rhubarb is no Egyptian god.' GNU http://www.gnu.org [EMAIL PROTECTED] Marcus Brinkmann The Hurd http://www.gnu.org/software/hurd/ [EMAIL PROTECTED] http://www.marcus-brinkmann.de/
