Subject: Re: protection against login trojans?
To: None <firstname.lastname@example.org>
From: Jim Wise <email@example.com>
Date: 04/06/2005 11:29:10
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 5 Apr 2005, Geert Hendrickx wrote:
>I was wondering whether it is possible for a user to protect himself
>against login trojans. Another user could easily write a shell script
>that displays a login: prompt, followed by a Password: prompt, and then
>leave the console. The next user would then enter his login-name and
>password into that trojan.
>In XDM you could simply hit Ctrl-Alt-Backspace to reset the X-server.
>In win2k you can hit Ctrl-Alt-Delete, also to reset the login-prompt.
>Is there any way to reset a UNIX getty (or could that be implemented?),
>so that a user can be sure he's talking to getty and not to some trojan?
Traditionally, many Unixes have supported a `secure login path'
extension, which would, upon receiving a `break' character on a terminal
line, kill the processes using that terminal -- in the case where getty
was running, this would simply result in getty being respawned, and in
the case where a trojan was running, this would kill it, also resulting
in getty being respawned.
I don't know that NetBSD supports this, but if not, it would be worth
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (NetBSD)
-----END PGP SIGNATURE-----