Version:  2.0.40 2.2.26 2.4.37 3.13 3.14 3.15 3.16 3.17 3.18 3.19 4.0 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10

Linux/Documentation/SAK.txt

  1 Linux 2.4.2 Secure Attention Key (SAK) handling
  2 18 March 2001, Andrew Morton
  3 
  4 An operating system's Secure Attention Key is a security tool which is
  5 provided as protection against trojan password capturing programs.  It
  6 is an undefeatable way of killing all programs which could be
  7 masquerading as login applications.  Users need to be taught to enter
  8 this key sequence before they log in to the system.
  9 
 10 From the PC keyboard, Linux has two similar but different ways of
 11 providing SAK.  One is the ALT-SYSRQ-K sequence.  You shouldn't use
 12 this sequence.  It is only available if the kernel was compiled with
 13 sysrq support.
 14 
 15 The proper way of generating a SAK is to define the key sequence using
 16 `loadkeys'.  This will work whether or not sysrq support is compiled
 17 into the kernel.
 18 
 19 SAK works correctly when the keyboard is in raw mode.  This means that
 20 once defined, SAK will kill a running X server.  If the system is in
 21 run level 5, the X server will restart.  This is what you want to
 22 happen.
 23 
 24 What key sequence should you use? Well, CTRL-ALT-DEL is used to reboot
 25 the machine.  CTRL-ALT-BACKSPACE is magical to the X server.  We'll
 26 choose CTRL-ALT-PAUSE.
 27 
 28 In your rc.sysinit (or rc.local) file, add the command
 29 
 30         echo "control alt keycode 101 = SAK" | /bin/loadkeys
 31 
 32 And that's it!  Only the superuser may reprogram the SAK key.
 33 
 34 
 35 NOTES
 36 =====
 37 
 38 1: Linux SAK is said to be not a "true SAK" as is required by
 39    systems which implement C2 level security.  This author does not
 40    know why.
 41 
 42 
 43 2: On the PC keyboard, SAK kills all applications which have
 44    /dev/console opened.
 45 
 46    Unfortunately this includes a number of things which you don't
 47    actually want killed.  This is because these applications are
 48    incorrectly holding /dev/console open.  Be sure to complain to your
 49    Linux distributor about this!
 50 
 51    You can identify processes which will be killed by SAK with the
 52    command
 53 
 54         # ls -l /proc/[0-9]*/fd/* | grep console
 55         l-wx------    1 root     root           64 Mar 18 00:46 /proc/579/fd/0 -> /dev/console
 56 
 57    Then:
 58 
 59         # ps aux|grep 579
 60         root       579  0.0  0.1  1088  436 ?        S    00:43   0:00 gpm -t ps/2
 61 
 62    So `gpm' will be killed by SAK.  This is a bug in gpm.  It should
 63    be closing standard input.  You can work around this by finding the
 64    initscript which launches gpm and changing it thusly:
 65 
 66    Old:
 67 
 68         daemon gpm
 69 
 70    New:
 71 
 72         daemon gpm < /dev/null
 73 
 74    Vixie cron also seems to have this problem, and needs the same treatment.
 75 
 76    Also, one prominent Linux distribution has the following three
 77    lines in its rc.sysinit and rc scripts:
 78 
 79         exec 3<&0
 80         exec 4>&1
 81         exec 5>&2
 82 
 83    These commands cause *all* daemons which are launched by the
 84    initscripts to have file descriptors 3, 4 and 5 attached to
 85    /dev/console.  So SAK kills them all.  A workaround is to simply
 86    delete these lines, but this may cause system management
 87    applications to malfunction - test everything well.
 88 

This page was automatically generated by LXR 0.3.1 (source).  •  Linux is a registered trademark of Linus Torvalds  •  Contact us