=========================================
Linux Secure Attention Key (SAK) handling
=========================================

:Date: 18 March 2001
:Author: Andrew Morton

An operating system's Secure Attention Key is a security tool which is
provided as protection against trojan password capturing programs. It
is an undefeatable way of killing all programs which could be
masquerading as login applications. Users need to be taught to enter
this key sequence before they log in to the system.

From the PC keyboard, Linux has two similar but different ways of
providing SAK. One is the ALT-SYSRQ-K sequence. You shouldn't use
this sequence. It is only available if the kernel was compiled with
sysrq support.

The proper way of generating a SAK is to define the key sequence using
``loadkeys``. This will work whether or not sysrq support is compiled
into the kernel.

SAK works correctly when the keyboard is in raw mode. This means that
once defined, SAK will kill a running X server. If the system is in
run level 5, the X server will restart. This is what you want to
happen.

What key sequence should you use? Well, CTRL-ALT-DEL is used to reboot
the machine. CTRL-ALT-BACKSPACE is magical to the X server. We'll
choose CTRL-ALT-PAUSE.

In your rc.sysinit (or rc.local) file, add the command::

    echo "control alt keycode 101 = SAK" | /bin/loadkeys

And that's it! Only the superuser may reprogram the SAK key.


.. note::

  1. Linux SAK is said to be not a "true SAK" as is required by
     systems which implement C2 level security. This author does not
     know why.


  2. On the PC keyboard, SAK kills all applications which have
     /dev/console opened.

     Unfortunately this includes a number of things which you don't
     actually want killed. This is because these applications are
     incorrectly holding /dev/console open. Be sure to complain to your
     Linux distributor about this!

     You can identify processes which will be killed by SAK with the
     command::

        # ls -l /proc/[0-9]*/fd/* | grep console
        l-wx------ 1 root root 64 Mar 18 00:46 /proc/579/fd/0 -> /dev/console

     Then::

        # ps aux|grep 579
        root 579 0.0 0.1 1088 436 ? S 00:43 0:00 gpm -t ps/2

     So ``gpm`` will be killed by SAK. This is a bug in gpm. It should
     be closing standard input. You can work around this by finding the
     initscript which launches gpm and changing it thusly:

     Old::

        daemon gpm

     New::

        daemon gpm < /dev/null

     Vixie cron also seems to have this problem, and needs the same treatment.

     Also, one prominent Linux distribution has the following three
     lines in its rc.sysinit and rc scripts::

        exec 3<&0
        exec 4>&1
        exec 5>&2

     These commands cause **all** daemons which are launched by the
     initscripts to have file descriptors 3, 4 and 5 attached to
     /dev/console. So SAK kills them all. A workaround is to simply
     delete these lines, but this may cause system management
     applications to malfunction - test everything well.
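
The ``ls``/``ps`` check in the note can be scripted so that it reports the descriptor number next to each process name, which shows whether the fix is redirecting standard input (fd 0) or removing the descriptors inherited from the initscripts (fds 3, 4 and 5). This is an added example, not part of the original document. The function name ``sak_victims``, its two optional arguments and the use of ``/proc/<pid>/comm`` for the process name are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list processes that hold a device open, following the
# /proc/<pid>/fd check described in the note above.
#
# sak_victims [PROC_ROOT] [DEVICE]
#   PROC_ROOT defaults to /proc, DEVICE defaults to /dev/console.
#   Both arguments are hypothetical conveniences so the function can be
#   pointed at a test tree; the document itself only uses /proc and
#   /dev/console.
# Output: one line per matching descriptor, "<pid> <fd> <command>".
sak_victims() {
    proc_root=${1:-/proc}
    device=${2:-/dev/console}

    for fd_path in "$proc_root"/[0-9]*/fd/*; do
        # Skip an unmatched glob, or an fd closed since the glob expanded.
        [ -L "$fd_path" ] || continue
        target=$(readlink "$fd_path" 2>/dev/null) || continue

        # Exact match only: "grep console" also matches unrelated paths
        # that merely contain the word "console".
        [ "$target" = "$device" ] || continue

        fd=${fd_path##*/}          # last path component: descriptor number
        pid_dir=${fd_path%/fd/*}   # <proc_root>/<pid>
        pid=${pid_dir##*/}

        # Command name from /proc/<pid>/comm; "?" if it cannot be read.
        comm=$(cat "$pid_dir/comm" 2>/dev/null) || comm='?'
        printf '%s %s %s\n' "$pid" "$fd" "$comm"
    done
}

# Usage (as root, so that every process's fd directory is readable):
#   sak_victims
```

Run it as root: an unprivileged user can only read the ``fd`` directories of its own processes, so the listing would be incomplete.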