About Kernel Documentation Linux Kernel Contact Linux Resources Linux Blog

Documentation / SAK.txt




Custom Search

Based on kernel version 2.6.33. Page generated on 2010-02-24 15:36 EST.

1	Linux 2.4.2 Secure Attention Key (SAK) handling
2	18 March 2001, Andrew Morton
3	
4	An operating system's Secure Attention Key is a security tool which is
5	provided as protection against trojan password capturing programs.  It
6	is an undefeatable way of killing all programs which could be
7	masquerading as login applications.  Users need to be taught to enter
8	this key sequence before they log in to the system.
9	
10	From the PC keyboard, Linux has two similar but different ways of
11	providing SAK.  One is the ALT-SYSRQ-K sequence.  You shouldn't use
12	this sequence.  It is only available if the kernel was compiled with
13	sysrq support.
14	
15	The proper way of generating a SAK is to define the key sequence using
16	`loadkeys'.  This will work whether or not sysrq support is compiled
17	into the kernel.
18	
19	SAK works correctly when the keyboard is in raw mode.  This means that
20	once defined, SAK will kill a running X server.  If the system is in
21	run level 5, the X server will restart.  This is what you want to
22	happen.
23	
24	What key sequence should you use? Well, CTRL-ALT-DEL is used to reboot
25	the machine.  CTRL-ALT-BACKSPACE is magical to the X server.  We'll
26	choose CTRL-ALT-PAUSE.
27	
28	In your rc.sysinit (or rc.local) file, add the command
29	
30		echo "control alt keycode 101 = SAK" | /bin/loadkeys
31	
32	And that's it!  Only the superuser may reprogram the SAK key.
33	
34	
35	NOTES
36	=====
37	
38	1: Linux SAK is said to be not a "true SAK" as is required by
39	   systems which implement C2 level security.  This author does not
40	   know why.
41	
42	
43	2: On the PC keyboard, SAK kills all applications which have
44	   /dev/console opened.
45	
46	   Unfortunately this includes a number of things which you don't
47	   actually want killed.  This is because these applications are
48	   incorrectly holding /dev/console open.  Be sure to complain to your
49	   Linux distributor about this!
50	
51	   You can identify processes which will be killed by SAK with the
52	   command
53	
54		# ls -l /proc/[0-9]*/fd/* | grep console
55		l-wx------    1 root     root           64 Mar 18 00:46 /proc/579/fd/0 -> /dev/console
56	
57	   Then:
58	
59		# ps aux|grep 579
60		root       579  0.0  0.1  1088  436 ?        S    00:43   0:00 gpm -t ps/2
61	
62	   So `gpm' will be killed by SAK.  This is a bug in gpm.  It should
63	   be closing standard input.  You can work around this by finding the
64	   initscript which launches gpm and changing it thusly:
65	
66	   Old:
67	
68		daemon gpm
69	
70	   New:
71	
72		daemon gpm < /dev/null
73	
74	   Vixie cron also seems to have this problem, and needs the same treatment.
75	
76	   Also, one prominent Linux distribution has the following three
77	   lines in its rc.sysinit and rc scripts:
78	
79		exec 3<&0
80		exec 4>&1
81		exec 5>&2
82	
83	   These commands cause *all* daemons which are launched by the
84	   initscripts to have file descriptors 3, 4 and 5 attached to
85	   /dev/console.  So SAK kills them all.  A workaround is to simply
86	   delete these lines, but this may cause system management
87	   applications to malfunction - test everything well.
Hide Line Numbers
About Kernel Documentation Linux Kernel Contact Linux Resources Linux Blog
Information is copyright its respective author. All material is available from the Linux Kernel Source distributed under a GPL License. This page is provided as a free service by mjmwired.net.