Subject: Re: protection against login trojans?
To: None <>
From: Jim Wise <>
List: tech-userlevel
Date: 04/06/2005 11:29:10
Hash: SHA1

On Tue, 5 Apr 2005, Geert Hendrickx wrote:

>I was wondering whether it is possible for a user to protect himself
>against login trojans.  Another user could easily write a shell script
>that displays a login: prompt, followed by a Password: prompt, and then
>leave the console.  The next user would then enter his login-name and
>password into that trojan.  
>In XDM you could simply hit Ctrl-Alt-Backspace to reset the X-server.
>In win2k you can hit Ctrl-Alt-Delete, also to reset the login-prompt.  
>Is there any way to reset a UNIX getty (or could that be implemented?), 
>so that a user can be sure he's talking to getty and not to some trojan?  

Traditionally, many Unixes have supported a `secure login path' 
extension, which would, upon receiving a `break' character on a terminal 
line, kill the processes using that terminal -- in the case where getty 
was running, this would simply result in getty being respawned, and in 
the case where a trojan was running, this would kill it, also resulting 
in getty being respawned.

I don't know that NetBSD supports this, but if not, it would be worth 

- -- 
				Jim Wise
Version: GnuPG v1.4.1 (NetBSD)