1 ========================================= 2 Linux Secure Attention Key (SAK) handling 3 ========================================= 4 5 :Date: 18 March 2001 6 :Author: Andrew Morton 7 8 An operating system's Secure Attention Key is a security tool which is 9 provided as protection against trojan password capturing programs. It 10 is an undefeatable way of killing all programs which could be 11 masquerading as login applications. Users need to be taught to enter 12 this key sequence before they log in to the system. 13 14 From the PC keyboard, Linux has two similar but different ways of 15 providing SAK. One is the ALT-SYSRQ-K sequence. You shouldn't use 16 this sequence. It is only available if the kernel was compiled with 17 sysrq support. 18 19 The proper way of generating a SAK is to define the key sequence using 20 ``loadkeys``. This will work whether or not sysrq support is compiled 21 into the kernel. 22 23 SAK works correctly when the keyboard is in raw mode. This means that 24 once defined, SAK will kill a running X server. If the system is in 25 run level 5, the X server will restart. This is what you want to 26 happen. 27 28 What key sequence should you use? Well, CTRL-ALT-DEL is used to reboot 29 the machine. CTRL-ALT-BACKSPACE is magical to the X server. We'll 30 choose CTRL-ALT-PAUSE. 31 32 In your rc.sysinit (or rc.local) file, add the command:: 33 34 echo "control alt keycode 101 = SAK" | /bin/loadkeys 35 36 And that's it! Only the superuser may reprogram the SAK key. 37 38 39 .. note:: 40 41 1. Linux SAK is said to be not a "true SAK" as is required by 42 systems which implement C2 level security. This author does not 43 know why. 44 45 46 2. On the PC keyboard, SAK kills all applications which have 47 /dev/console opened. 48 49 Unfortunately this includes a number of things which you don't 50 actually want killed. This is because these applications are 51 incorrectly holding /dev/console open. Be sure to complain to your 52 Linux distributor about this! 53 54 You can identify processes which will be killed by SAK with the 55 command:: 56 57 # ls -l /proc/[0-9]*/fd/* | grep console 58 l-wx------ 1 root root 64 Mar 18 00:46 /proc/579/fd/0 -> /dev/console 59 60 Then:: 61 62 # ps aux|grep 579 63 root 579 0.0 0.1 1088 436 ? S 00:43 0:00 gpm -t ps/2 64 65 So ``gpm`` will be killed by SAK. This is a bug in gpm. It should 66 be closing standard input. You can work around this by finding the 67 initscript which launches gpm and changing it thusly: 68 69 Old:: 70 71 daemon gpm 72 73 New:: 74 75 daemon gpm < /dev/null 76 77 Vixie cron also seems to have this problem, and needs the same treatment. 78 79 Also, one prominent Linux distribution has the following three 80 lines in its rc.sysinit and rc scripts:: 81 82 exec 3<&0 83 exec 4>&1 84 exec 5>&2 85 86 These commands cause **all** daemons which are launched by the 87 initscripts to have file descriptors 3, 4 and 5 attached to 88 /dev/console. So SAK kills them all. A workaround is to simply 89 delete these lines, but this may cause system management 90 applications to malfunction - test everything well. 91
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.