Finding Passwords
Dan Bernstein
brnstnd at kramden.acf.nyu.edu
Mon Oct 1 13:05:03 AEST 1990
In article <20849 at well.sf.ca.us> nagle at well.sf.ca.us (John Nagle) writes:
[ trusted paths ]
> You can't do it in "getty"; it has to be in the kernel. There
> must be something the user can (and must) do that can't be intercepted
> by any user program.
No to the first; yes to the second. You can keep the user away from the
physical terminal device without changing the kernel. Steve Bellovin's
session manager paper elaborates upon this. (Well, his design required a
few extensions to System V facilities, but all the necessary features
are already in BSD.)
---Dan
More information about the Comp.unix.internals
mailing list