Ubuntu Wiki

• Launchpad Entry: secure-login-screen

• Created: 2007-4-12 by Lean Fuglsang

• Contributors: Lean Fuglsang

• Packages affected: GDM, X, Kernel

• See also:

Summary

Implement a trusted key combination ctrl+alt+delete , that shows the login screen. Show a screen that says you have to press ctrl+alt+delete before you log in.

Rationale

When multiple users use the same machine, one user can get the password of another user by creating a fullscreen application that looks like the login screen.

Use Cases

• Bob is a user in a corporate network, where a lot of people share the computers. When Bob logs in for the first time, he sees a message 'You have to press Control+Alt+Delete, before you can log in (read more here)'. The next time Bobs has to log in, he uses the Control+Alt+Delete combination, and feels more secure.

Scope

This specification covers feature specifications for GDM, X, fast user switching, the kernel, maybe others.

Design

• Hide the login screen from GDM, and only show it when Ctrl+Alt+Delete is pressed.
• Make sure that no userspace program can use information of the Ctrl+Alt+Delete combination (or any other combination we choose to use).
• Let a root daemon run when a Gnome session is started, that can grab Ctrl+Alt+Delete keypresses. Let this demon switch to GDM when the keys are pressed, so a new user can login. The switching to GDM should be done with a flag, so GDM knows that Ctrl+Alt+Delete already have been pressed.

Implementation Plan

No implementation plan yet.

Implementation

No implementation yet.

Outstanding Issues