Diffstat (limited to 'Documentation/SAK.txt')
1 files changed, 88 insertions, 0 deletions
diff --git a/Documentation/SAK.txt b/Documentation/SAK.txt
new file mode 100644
@@ -0,0 +1,88 @@
+Linux 2.4.2 Secure Attention Key (SAK) handling
+18 March 2001, Andrew Morton
+An operating system's Secure Attention Key is a security tool which is
+provided as protection against trojan password capturing programs. It
+is an undefeatable way of killing all programs which could be
+masquerading as login applications. Users need to be taught to enter
+this key sequence before they log in to the system.
+From the PC keyboard, Linux has two similar but different ways of
+providing SAK. One is the ALT-SYSRQ-K sequence. You shouldn't use
+this sequence. It is only available if the kernel was compiled with
+The proper way of generating a SAK is to define the key sequence using
+`loadkeys'. This will work whether or not sysrq support is compiled
+into the kernel.
+SAK works correctly when the keyboard is in raw mode. This means that
+once defined, SAK will kill a running X server. If the system is in
+run level 5, the X server will restart. This is what you want to
+What key sequence should you use? Well, CTRL-ALT-DEL is used to reboot
+the machine. CTRL-ALT-BACKSPACE is magical to the X server. We'll
+In your rc.sysinit (or rc.local) file, add the command
+ echo "control alt keycode 101 = SAK" | /bin/loadkeys
+And that's it! Only the superuser may reprogram the SAK key.
+1: Linux SAK is said to be not a "true SAK" as is required by
+ systems which implement C2 level security. This author does not
+ know why.
+2: On the PC keyboard, SAK kills all applications which have
+ /dev/console opened.
+ Unfortunately this includes a number of things which you don't
+ actually want killed. This is because these applications are
+ incorrectly holding /dev/console open. Be sure to complain to your
+ Linux distributor about this!
+ You can identify processes which will be killed by SAK with the
+ # ls -l /proc/[0-9]*/fd/* | grep console
+ l-wx------ 1 root root 64 Mar 18 00:46 /proc/579/fd/0 -> /dev/console
+ # ps aux|grep 579
+ root 579 0.0 0.1 1088 436 ? S 00:43 0:00 gpm -t ps/2
+ So `gpm' will be killed by SAK. This is a bug in gpm. It should
+ be closing standard input. You can work around this by finding the
+ initscript which launches gpm and changing it thusly:
+ daemon gpm
+ daemon gpm < /dev/null
+ Vixie cron also seems to have this problem, and needs the same treatment.
+ Also, one prominent Linux distribution has the following three
+ lines in its rc.sysinit and rc scripts:
+ exec 3<&0
+ exec 4>&1
+ exec 5>&2
+ These commands cause *all* daemons which are launched by the
+ initscripts to have file descriptors 3, 4 and 5 attached to
+ /dev/console. So SAK kills them all. A workaround is to simply
+ delete these lines, but this may cause system management
+ applications to malfunction - test everything well.