Re: WM enhancements to support accessible screen lock
- From: Brian Cameron <Brian Cameron Sun COM>
- To: Lubos Lunak <l lunak suse cz>
- Cc: wm-spec-list gnome org
- Subject: Re: WM enhancements to support accessible screen lock
- Date: Tue, 30 Sep 2003 10:17:09 -0500
Lubos Lunak wrote:
Grabbing the input is actually useless too, if by that you mean normal
XGrabs (they offer very little security, contrary to some people's
common notion).
That's news to me (well, I said I'm not a security person). What's the
problem with grabs?
Grabbing the keyboard does not protect the keyboard from being sniffed,
assuming that a compromised program has xauth permissions. Such a
technique is well documented in the xspy program:
http://www.acm.vt.edu/~jmaxwell/programs/xspy/xspyPage.html
If you run it before locking your screen, you will find your username
and password echoed to the terminal screen after you unlock your
screen.
That said, the keyboard/mouse grabs do a reasonable job of protecting
from key/mouse focus being accidently delivered to the wrong window
via the physical keyboard/mouse. However, I see no reason why this
protection couldn't be provided by the window manager (and other
programs that might be listening to various hotkey events) instead.
Obviously the user could be tricked into running a program that
would compromise their lock screen by turning on some hotkey which
would allow a program to take key/mouse input when it shouldn't be
allowed. While this is a risk, I am not sure that this is any worse
than a user being tricked into running a program using the xspy
technique.
--
Brian
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
