> I suspect this is a problem also with GDM, CDE login, and the lock
> screen program provided by CDE (in addition to xscreensaver and
> gnome-screensaver).
So let me try another definition since the first few tries
seem incomprehensible:
Trusted Path: A communication path between the user/admin and the
System that is protected from disclosure and undetected
modification. This path must be logically distinct so
the user is aware they are in TP communications.
Trusted Path is a concept of direct communication between the user's input
sensors (eyes, ears, ...) and user's output devices (fingers,
voice, ...) with the System in such a way that the user is aware that
they are receiving from the System and replying to the System and that
the communication path cannot be compromised in any way.
[actually I did a s/TCB/System/ above since TCB is also jargon]
> In other words, there is not really any way for the user to know that
> the login screen or lock screen isn't a fake screen designed to look and
> act like the real screen, which really just does something malicious
> like forward the user's username or password information to somewhere it
> shouldn't go.
That's unfortunate that there's "not really any way" since many
of our competitors (and Sun in the past) have found a way.
Perhaps you mean you can't think of a way.
Gary..
Once again dropping back into my hole.
