On Mon, Jun 14, 2010 at 05:36:33AM -0700, Elazar Leibovich wrote:
> 1) I'm not sure sniffing your keyboard and recognizing when you type your
> password is so easy, but I might be wrong.
> 2) I believe that there's some mechanism which prevents any other software
> from graphically masking the authentication dialog, so that if you're seeing
> the real authentication dialog - you can trust what you see.

It's not about masking one. It's about faking one.

> 
> However using Vista signed executable idea, for instance none of this could
> happen, since every time a program asks for privilege leverage the dialog
> box states explicitly which executable is asking for it, and you never write
> your own password except in login, so whatever the malicious program does it
> cannot get root privileges.

"Never" is a very strong word. The main problem here is that you'll
eventually need to run "untrusted" binaries for various reasons. And thus
you'll get used to bypassing that mechanism on a regular basis.

Not to mention that "trusted" binaries may do way too much. For instance,
/bin/bash is a trusted binary on your Linux system. It is installed
from a signed package. Yet chmod u+s /bin/bash is not such a grand idea.
Trusting any signed binaries sounds all too much like a generic sudo
line. It might be a good solution, but not for this problem.

Again, look into the *Kit stuff, if sudo is not good enough for you.

-- 
Tzafrir Cohen         | tzaf...@jabber.org | VIM is
http://tzafrir.org.il |                    | a Mutt's
tzaf...@cohens.org.il |                    |  best
tzaf...@debian.org    |                    | friend

_______________________________________________
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
