Patryk Zawadzki wrote:
> On Fri, Sep 19, 2008 at 12:42 PM, Gustavo J. A. M. Carneiro
> <[EMAIL PROTECTED]> wrote:
>> Someone who has gained a user privilege could possibly show a fake
>> password input dialog that looks exactly like a "real" password prompt,
>> thereby learning the root password.
>>
>> Same thing with VT switching.  It shouldn't be hard to make it look
>> like we are switching VT from a simple X11 program running as the user.
>>
>> If the local user account has been compromised it seems to me that all
>> hope is lost.  So I don't really see the point of all this Trusted Path
>> complexity.
>>
>> But I'm no security expert; I might be missing something.
> 
> I believe the goal is to use some uncatchable keyboard sequence à la
> Windows' secure auth (Ctrl+Alt+Del).

This works on Windows (on a domain) because the goal in those situations
is to have perfect and total single sign-on. This has been watered down
in more recent (less coherent) Windows releases, but the goal was always
to prompt the user once and never prompt them again for any application
because the system uses Kerberos.

In our mix of applications and protocols passwords abound, and it's less
likely that a Ctrl-Alt-Del style solution would be sufficiently usable.

Cheers,

Stef Walter

_______________________________________________
desktop-devel-list mailing list
[email protected]
http://mail.gnome.org/mailman/listinfo/desktop-devel-list