Linux login method secure?

T.B. van der Molen tbm at home.nl
Sun Sep 1 19:18:51 PDT 2002


I was wondering the following.

On Windows NT/2000/whatever you usually first have to press Ctrl+Alt+Del 
before you can log on. This way you are sure you are giving your login 
information to Windows because only Windows can recognize the 
Ctrl+Alt+Del key combination.

This does not exist in the Linux login method. So, someone could easily 
write a program or script that visually imitates the behaviour of the 
login program on a system, capture the user's login information and 
could then exit and log out so the user sees the real login program.

Isn't this a relevant security threat? Can it be prevented?

Tim

-- 
"Period Three Implies Chaos"
- T.Y. Li & J.A. Yorke (1975)

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-chat' in the subject header of the message



More information about the lfs-chat mailing list