lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20150322222337.GA28785@kroah.com>
Date:	Sun, 22 Mar 2015 23:23:37 +0100
From:	Greg KH <gregkh@...uxfoundation.org>
To:	helene.gsaenger@...dium.fau.de
Cc:	jslaby@...e.cz, dh.herrmann@...il.com, daniel.vetter@...ll.ch,
	peter@...leysoftware.com, tiwai@...e.de, mark.d.rustad@...el.com,
	joe@...ches.com, linux-kernel@...r.kernel.org,
	linux-kernel@...cs.fau.de, simone.weiss@....de
Subject: Re: questions to planned lock-functionality for vts

On Sun, Mar 22, 2015 at 11:03:03PM +0100, helene.gsaenger@...dium.fau.de wrote:
> Hello,
> 
> 
> We want to add a functionality to the kernel that allows to lock and unlock
> virtual terminals to maybe one day replace X11 screensavers and console
> lockers by a more secure kernel mechanism.

Wait, what's wrong with the existing functionality?

> It should behave like:
> If user A owns e.g. vt2, A is able to lock vt2 and unlock it again.
> This is realized by a userspace programm that calls ioctl, which the above
> mentioned added cases VT_LOCK and VT_UNLOCK.
> Another user(that is not root) wouldn't be allowed to un-/lock vt2.
> If anybody wants to change to a looked VT he gets redirected to vt12.
> At vt12 a userspace programm (to unlock a VT) would run and ask for
> loginname and password, if it is the password from the user that owns the
> locked terminal or from root.
> The VT gets unlocked and the user gets directed to his terminal.

Why would you want to put all of that into the kernel?

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ