On Tuesday 22 November 2011 11:09:58 pm Timothy Pearson wrote:
On Tuesday 22 November 2011 10:47:12 pm Timothy Pearson wrote:
Whenever my screen locks (e.g. from my screen saver or from
manually
locking) and I go to unlock, I'm told to press CTRL+ALT+Del, and it
says
it's displaying that so the login screen doesn't get spoofed.
When logging out, I get a window saying it's saving my settings.
Both of these remind me of WinXP. The CTRL+ALT+Del thing is of
WinNT
(XP
is based on NT).
Is there a way to turn this off?
Also, if the CTRL+ALT+Del thing is used for unlocking, why not too
for
logging in?
It is normally used for both unlock and login. It is a generic implementation of a Secure Attention Key (SAK), without which Linux
is
actually less secure than Windows.
Never heard of it, nor have I ever seen CTRL+ALT+Del in Linux
The problem boils down to the fact that I can make a perfect copy of the login (or lock) screen, leave it running as a non-priviledged user (e.g. on a public computer), and grab your password. There is no way for you to know the real login screen from a good fake. The SAK allows the operating system to reserve a secure keypress (in this case Ctrl+Alt+Del) that no userspace application will ever be able to see, therefore preventing emulation of the logon sequence before any passwords are typed.
A good iptables setup (block all except what's absolutely needed), an encrypted hard disk, and not allowing physical access to my laptop whilst it is on make me confident that won't happen :-)
The SAK support can be turned off in the KDM control center module.
I don't see it anywhere under Login Manager or KDM Theme Manager.
These
are the only two modules that show up when I type kdm into the search
box
for kcontrol.
Look for Login Manager in kcontrol.
Also, if you really don't like the startup/shudown splash screens simply select a splash screen other than "Unified". Many users here like to have feedback that their computer is actually doing something once logout has been pressed, but to each their own. ;-)
To quote my previous message:
I don't see it anywhere under Login Manager or KDM Theme Manager.
These
are the only two modules that show up when I type kdm into the search
box
for kcontrol.
Unified wasn't selected when I installed TDE. It was default to one of the moreblue splash screens. I've already changed it, but it only affected the login splash. The logout splash is still a window telling me it's saving me my settings.
Sorry, it's been a long day and I guess I missed that part in your message.
The saving settings dialog has a configuration file setting but no GUI configuration checkbox IIRC. Definitely something that should be looked at for R14.0--a bug report would help.
Tim