Bill:

> you also need a mechanism for the user to be able to tell when & where
> the trusted path is active that can't be spoofed by any other
> application.

I suspect this is a problem also with GDM, CDE login, and the lock screen program provided by CDE (in addition to xscreensaver and gnome-screensaver). In other words, there is not really any way for the user to know that the login screen or lock screen isn't a fake screen designed to look and act like the real screen, which really just does something malicious like forward the user's username or password information to somewhere it shouldn't go.

I am not sure how to meet this requirement. Hopefully the people from the security team can help provide some idea of how to accomplish this.

Brian