Bug 1915 - TDM UseSAK default should be false
Summary: TDM UseSAK default should be false
Status: RESOLVED FIXED
Alias: None
Product: TDE
Classification: Unclassified
Component: tdebase
Version: R14.0.0 [Trinity]
Hardware: Other Linux
Importance: P5 major
Assignee: Timothy Pearson
Reported: 2014-02-07 13:19 CST by Darrell
Modified: 2014-02-24 21:01 CST

Attachments
Patch to change UseSAK default to false (311 bytes, patch)
2014-02-07 13:19 CST, Darrell
Updated patch to change UseSAK default to false (353 bytes, patch)
2014-02-10 09:48 CST, Darrell

Description Darrell 2014-02-07 13:19:13 CST
Created attachment 1922 [details]
Patch to change UseSAK default to false

From watching discussions about SAK through the years, this feature confuses many users. There also is the problem of translations, as shared in bug 1232.

Although SAK is an important security feature, most single users are not interested. Enterprise administrators know enough to look for and enable the feature when desired.
Comment 1 Michele Calgaro 2014-02-09 06:45:46 CST
> Although SAK is an important security feature,
Frankly speaking, I have always struggled to understand what is the "security feature" provided by SAK. You press Ctrl+Alt+Del and you get to the same login screen you would have without SAK.
Perhaps I am missing something, but to me it is more an annoyance than a security feature (that's why I don't use it :) )
Comment 2 Timothy Pearson 2014-02-09 18:01:52 CST
Simply this: on an SAK-enabled system, *only* TDM or another application running as root can know that Ctrl+Alt+Del has been pressed.  This prevents exploits based on an old attack vector known as login spoofing from being used; as mentioned earlier by others, this feature is only useful on machines that have more than one graphics-enabled user account such as are typically found in an enterprise environment.
Comment 3 Darrell 2014-02-09 18:18:30 CST
>this feature is only useful on machines that have more than one graphics-
>enabled user account such as are typically found in an enterprise environment.
Which is why I filed the bug report to change the default to false. Admins in the enterprise know to look for this kind of feature. Stand-alone users do not know and are confused by the Ctrl+Alt+Del request, not to mention that the i18n translations of the feature have not been implemented.
Comment 4 Michele Calgaro 2014-02-09 23:25:32 CST
(In reply to comment #2)
Thanks for the explanation Tim :)

(In reply to comment #3)
I think Darrell's point of view is good. Stand-alone users don't really bother too much about having SAK and sys admin knows enough to enable SAK.
I also think making the default "false" is a good idea.
Plus we can add a comment in the R14 release notes saying that the default behavior for SAK has been changed to "false" and that to enable it again it is necessary to edit /etc/trinity/tdm/tdmrc.
Comment 5 Darrell 2014-02-10 00:33:32 CST
>necessary to edit /etc/trinity/tdm/tdmrc
There is a check box in the kcontrol login manager module, Appearance tab.

The attached patch is insufficient. My default tdmrc still has UseSAK=true.
Comment 6 Darrell 2014-02-10 09:48:13 CST
Created attachment 1925 [details]
Updated patch to change UseSAK default to false

This patch works.
Comment 7 Michele Calgaro 2014-02-11 03:28:06 CST
I tested the patch on a clean, newly installed TDE system.
At the first start, TDM did not display the SAK window, rather the standard login window.
Patch worked fine :)

IMO it could be pushed to GIT, but I would suggest we check with Tim/Slavek whether they also agree about making the default behavior "false" for SAK.
Comment 8 Slávek Banko 2014-02-12 10:41:58 CST
SAK has a couple of side inconveniences. They are the result of tdmsak not being aware of the sessions (text/graphics) and the relationship keyboard => session.

+ on a text console, Ctrl+Alt+Del cannot be used to restart the system
+ on multi-seat machines, a Ctrl+Alt+Del press is sent to all sessions
+ in krdc, Ctrl+Alt+Del cannot be sent to the remote machine

As for me, it is known that SAK does not produce a feeling of greater security for me (nor for Michele). Also, turning it off is the first thing I do in tdmrc. Therefore I have no objection to setting 'false' as the default.
Comment 9 Michele Calgaro 2014-02-24 20:11:48 CST
Darrell, the patch works on your and my systems and Slavek also agrees with making the default false. IMO, go ahead, push to git and close this bug.
Comment 10 Darrell 2014-02-24 21:00:54 CST
Patch pushed to git in commit a7e7483a.
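
For administrators who relied on the old default, an added example (not part of the bug report or of the TDE code base) that checks whether a tdmrc-style file sets UseSAK explicitly or falls back to the built-in default, which this bug changes to false. The sample file contents and section names are constructed, and the script scans every section because the thread does not say which section holds the key.

```python
import re

# Default applied when no active UseSAK line exists; false after this bug's patch.
DEFAULT_USESAK = False

SECTION_RE = re.compile(r"^\[([^\]]+)\]\s*$")


def find_usesak(text):
    """Return [(section, value)] for each active UseSAK line.

    value is True/False for "true"/"false" (as written in the thread),
    or None for anything else, which needs a manual look.
    """
    found, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank or commented out, e.g. "#UseSAK=true"
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        key, sep, value = line.partition("=")
        if sep and key.strip() == "UseSAK":
            v = value.strip().lower()
            found.append((section, {"true": True, "false": False}.get(v)))
    return found


def audit(text, default=DEFAULT_USESAK):
    """Classify a file as 'explicit', 'default' (key absent) or 'review'."""
    settings = find_usesak(text)
    values = {v for _, v in settings}
    if not settings:
        status, enabled = "default", default
    elif len(values) == 1 and None not in values:
        status, enabled = "explicit", values.pop()
    else:
        status, enabled = "review", None  # conflicting or unrecognised values
    return {"status": status, "enabled": enabled, "settings": settings}


# Constructed samples; the section names are hypothetical placeholders.
SAMPLE_EXPLICIT = "[ExampleGreeter]\n# constructed sample\nUseSAK=true\n"
SAMPLE_COMMENTED = "[ExampleGreeter]\n#UseSAK=true\n"
SAMPLE_CONFLICT = "[ExampleA]\nUseSAK=true\n[ExampleB]\nUseSAK=false\n"

if __name__ == "__main__":
    for name in ("SAMPLE_EXPLICIT", "SAMPLE_COMMENTED", "SAMPLE_CONFLICT"):
        print(name, audit(globals()[name]))
```

A file reported as "default" is the case affected by this change: SAK stays on only where the key is set explicitly.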