Rudolf Polzer <[EMAIL PROTECTED]> writes: >> Ok. So they are exposed to known attacks with quite high probability. > > Which others? Are there other places that assume only trusted users can > access > the console?
Probably: BIOS booting, messing with computer cases (are the computers in locked room and only kbds/monitors/mouses are accessible?), sniffing keyboard cables (all other passwords if not root's), physical damage to the computer hardware (some kind of DoS). Still, may be adequate for student room. >> I assume that one can notice that Ctrl-Alt-Backspace doesn't work, >> and stop there. > > Not if a malicious X program does "chvt 1; chvt 7" when Ctrl-Alt-Backspace is > pressed. With correct timing, possibly. Depends on how the graphics driver starts and switches from text mode. There might be noticeable differences. > It would require a video driver that can actually reset the video mode. > Framebuffer drivers usually can do that. For the standard VGA text mode, at > least savetextmode/restoretextmode from svgalib don't work on the graphics > cards I have. I think Xserver could terminate gracefully. But it would require changes to kernel SAK handling I think - not sure if it's worth it, given other threats. Another idea: if the machines are ACPI-enabled and have "soft-power" buttons, one can make use of acpid. -- Krzysztof Halasa -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]