On Tue, 20 Aug 2002, Sean Neakums wrote:
> That came from the Orange Book security guidelines, I believe. The > idea is that the SAS (secure attention sequence) is not overrideable > and thus the user can be sure that once the sequence has been entered > he is communicating with the OS and not with a Trojan. This is quite > different from typing "login" at the prompt of a program that may or > may not be the login shell. I guess my problem is that I don't believe that having the OS trap ctrl-alt-del, and then using that to start the login is any safer. What if it is actually a trojaned version of win98? Or what if they used one of the many, many win2k or winNT exploits to trojan the box. It is a programmable interrupt, you just overwrite the function pointer the OS whats to use with your value. So to me, I think it is redundant and annoying. But I should shut up, because from here I'm just stuborn about it :) Jason