[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Trusted path



Perhaps SAK can be implemented via wscons, similar to how it
traps keyboard events for console switching, etc.  Sound
plausible, comments?

On Tue, Apr 09, 2002 at 11:10:45AM -0700, David Shifflett wrote:
| I am interested in finding out if any one is working on a
| 'Trusted Path' (not TPE, Trusted Path Execution), or a
| 'secure attention key' in OpenBSD.
| 
| This functionality would be used to give the user some
| assurance that they are communicating with a trusted
| program/process/part of the system.  The main usage of this
| would be login, su, and perhaps sudo.
| A secondary usage would be for session level negotiation
| (for systems with this ability).
| 
| This idea begs the following questions:
| 1. What is this trusted program/process/part of the system
|     that the user communicates with, or more specifically,
|     how can it be trusted?  How is it separated from userland?
|     Is it also separated from Kernel space? A third domain?
| 
| 2. What other uses are there for this trusted path beyond
|     Identification & Authentication?  Access to system configuration
|     utilities like user creation, password management.
| 
| Has something like this been tried before?
| I couldn't find any references in the list archives,
| or via net searches.
| Does this fit better with TrustedBSD, rather than OpenBSD?
| 
| Any ideas, thoughts, comments, and criticism are welcome.
| Regards,
| David Shifflett

-- 
addr		= malachi_(_at_)_vaned_(_dot_)_net
keyid		= 0x938BACE2
fingerprint 	= D344 59EB 6A3B B09C 6AF6 82D6 517F F949 938B ACE2
--


Visit your host, monkey.org