On Mon, 2009-02-09 at 10:37 -0500, Chuck Anderson wrote: > On Mon, Feb 09, 2009 at 10:34:16AM -0500, Adam Jackson wrote: > > If someone can come up with a scenario where you really need zap, and > > not just vt switch and/or logout dialog, I'm eager to hear it. If you > > can come up with one that isn't "some broken application took a server > > grab and won't give it back", I'll even be interested. > > It serves as a Secure Attention Key--a way to assure that you are > getting the "real" login screen and not a trojan that is trying to > capture your login password. Except for all the ways it doesn't, of course. If someone has managed to get access to your X server, odds are good they can a) do it again, b) replace bits of the user's X init sequence. DGA even lets you steal the c-a-bs away from the server's command processing, which is _way_ awesome. Now you can even fake the server reset sequence! - ajax
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
