From: spj@ukelele.gcr.com (Guru Aleph_Null) Subject: Re: How to disable C-A-D for non-root users? Date: Mon, 14 Jun 1993 04:07:12 GMT
bsa@kf8nh.wariat.org (Brandon S. Allbery) writes:
>In article <1993Jun13.130935.5632@excaliber.uucp> joel@rac2.wam.umd.edu (Joel M. Hoffman) writes:
>>>You running none root is meaninless in a multi user os.
>>>There are always some root processes running.
>>
>>What I'd like is for only C-A-D >NOT< to do anything at all unless it
>>comes from a root process. As I say, I don't know how to do this, and
>>I'm not sure what would happen if the user were running a suid root
>>process while s/he pressed C-A-D.
>Not possible... C-A-D being essentially an asynchronous signal, the currently
>running process could well be crond or inetd or etc. when it's pressed. And
>the kernel doesn't (and isn't really supposed to) track who "is running on"
>the console.
>If it's really a problem, disable C-A-D. I suspect that this is a good idea
>anyway... I've never found a situation where it's any more useful than a
>proper shutdown. (Or use it as a "secure interrupt" as I believe is provided
>for in the pl10 serial driver.)
Why not set up a "ghost VC" that requires a password to be entered
whenever C-A-D is hit? It will take over which ever VC is currently active
and time out when a password is never entered or log a message if an
incorrect password is entered and give back the VC. This should be really
easy to do.
>++Brandon
>--
>Brandon S. Allbery kf8nh@kf8nh.ampr.org bsa@kf8nh.wariat.org
>It's not too late to turn back from the "Gates" of Hell...
>Linux: the free 32-bit operating system, available NOW. Why waaaaaait for NT?
--
=========================================================================
Simon "Guru Aleph-Null" Janes |You! Stand up and be discounted
<spj@ukelele.gcr.com> |on the free market of run-of-the-
|mill ex-household-appliance dwellers.