[Pkg-shadow-devel] Bug#305600: Preventing login pishing
Alexander Gattin
arg@online.com.ua
Mon, 9 May 2005 21:36:41 +0300
Hello!
On Mon, May 09, 2005 at 10:37:14AM +0200, Martin Quinson wrote:
> So, in my mind, this is only a documentation issue. I propose to add the
> following to login(1), in the "CAVEATS" section.
I agree. And you also seem to have a better idea than
me about a proper manpage section for such stuff.
> As any program, login appearance could be faked. If non-trusted users have a
> physical access to the machine, an attacker could use this to obtain the
> password of the next person siting on front of the machine.
correction: "sitting in front"...
> The better way
> to prevent this is to use the SAK feature of the linux kernel. See for
> example Documentation/SAK.txt in the kernel source tree for more
> information.
Kind of a FAQ ;)
Tomasz, what do you think about integrating this in
upstream?
--
WBR,
xrgtn