linux/Documentation/SAK.txt
<<
>>
Prefs
   1Linux 2.4.2 Secure Attention Key (SAK) handling
   218 March 2001, Andrew Morton
   3
   4An operating system's Secure Attention Key is a security tool which is
   5provided as protection against trojan password capturing programs.  It
   6is an undefeatable way of killing all programs which could be
   7masquerading as login applications.  Users need to be taught to enter
   8this key sequence before they log in to the system.
   9
  10From the PC keyboard, Linux has two similar but different ways of
  11providing SAK.  One is the ALT-SYSRQ-K sequence.  You shouldn't use
  12this sequence.  It is only available if the kernel was compiled with
  13sysrq support.
  14
  15The proper way of generating a SAK is to define the key sequence using
  16`loadkeys'.  This will work whether or not sysrq support is compiled
  17into the kernel.
  18
  19SAK works correctly when the keyboard is in raw mode.  This means that
  20once defined, SAK will kill a running X server.  If the system is in
  21run level 5, the X server will restart.  This is what you want to
  22happen.
  23
  24What key sequence should you use? Well, CTRL-ALT-DEL is used to reboot
  25the machine.  CTRL-ALT-BACKSPACE is magical to the X server.  We'll
  26choose CTRL-ALT-PAUSE.
  27
  28In your rc.sysinit (or rc.local) file, add the command
  29
  30        echo "control alt keycode 101 = SAK" | /bin/loadkeys
  31
  32And that's it!  Only the superuser may reprogram the SAK key.
  33
  34
  35NOTES
  36=====
  37
  381: Linux SAK is said to be not a "true SAK" as is required by
  39   systems which implement C2 level security.  This author does not
  40   know why.
  41
  42
  432: On the PC keyboard, SAK kills all applications which have
  44   /dev/console opened.
  45
  46   Unfortunately this includes a number of things which you don't
  47   actually want killed.  This is because these applications are
  48   incorrectly holding /dev/console open.  Be sure to complain to your
  49   Linux distributor about this!
  50
  51   You can identify processes which will be killed by SAK with the
  52   command
  53
  54        # ls -l /proc/[0-9]*/fd/* | grep console
  55        l-wx------    1 root     root           64 Mar 18 00:46 /proc/579/fd/0 -> /dev/console
  56
  57   Then:
  58
  59        # ps aux|grep 579
  60        root       579  0.0  0.1  1088  436 ?        S    00:43   0:00 gpm -t ps/2
  61
  62   So `gpm' will be killed by SAK.  This is a bug in gpm.  It should
  63   be closing standard input.  You can work around this by finding the
  64   initscript which launches gpm and changing it thusly:
  65
  66   Old:
  67
  68        daemon gpm
  69
  70   New:
  71
  72        daemon gpm < /dev/null
  73
  74   Vixie cron also seems to have this problem, and needs the same treatment.
  75
  76   Also, one prominent Linux distribution has the following three
  77   lines in its rc.sysinit and rc scripts:
  78
  79        exec 3<&0
  80        exec 4>&1
  81        exec 5>&2
  82
  83   These commands cause *all* daemons which are launched by the
  84   initscripts to have file descriptors 3, 4 and 5 attached to
  85   /dev/console.  So SAK kills them all.  A workaround is to simply
  86   delete these lines, but this may cause system management
  87   applications to malfunction - test everything well.
  88
  89
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.