Bug#305600: [Pkg-shadow-devel] Bug#305600: login is vulnerable to local pishing attacks

Alexander Gattin <arg@online.com.ua>, 305600@bugs.debian.org
Mon, 25 Apr 2005 00:01:57 +0300


Hi!

On Fri, Apr 22, 2005 at 08:33:35AM +0200, Christian Perrier wrote:
> > > Please explain to me how, on a non-compromised system, users can replace
> > > the login program with something else.
> > I'm speaking of a simple childish script kiddy script that you start
> > as a normal local user *without* root access. I thought you have
> > misunderstood something because you might have a system in mind with
> > users you trust. I'm speaking of systems with users you don't trust.
> But how do you expect that the malicious unprivileged user can fake
> *other* users by having them use the fake login program?

Well, I think Gerhard meant faking local/physical login
(i.e. login to console (VT/tty)).

Thus all this is about faking a "visual appearance" of
login/xdm/whatever login method/program you use.

> But, how could I really have other users run it

Just log out and leave it running on the VT. The next user
just logs (tries to log) into the system on this VT
after you...

Typically this assumes physical access by a malicious
user to the system, which in turn heavily undermines
its security as a whole.

I mean that using, for example, the Secure Authentication
Key (SAK: Alt-SysRq-K) alone is not enough.

-- 
WBR,
xrgtn