zlacker

[return to "The Linux Security Circus: On GUI isolation"]
1. follow+x2[view] [source] 2011-04-23 23:12:25
>>wglb+(OP)
I seem to recall the "Secure Keyboard Entry" option (in the application menu) in Terminal on OS X is supposed to stop the su/sudo problem on OS X at least for terminals.
◧◩
2. there+c3[view] [source] 2011-04-23 23:33:10
>>follow+x2
xterm has a secure keyboard option from its menu (control+click) that is supposed to prevent other applications from being able to receive X11 events related to input.

the thing you are referring to on os x is similar, with a system-wide capability. when you enter passwords for keychain and similar things, these have secure input enabled by default. i think it's up to the application to enable it, but when it's enabled for a field, no other application can intercept those events.

◧◩◪
3. rg3+x3[view] [source] 2011-04-23 23:41:37
>>there+c3
Thanks for pointing out the "Secure Keyboard" option. Make sure to test it before relying on it, though. I just tested in my system and it does not prevent "xinput test" from receiving the key presses, even when typing the "su" password.
[go to top]