Re: Gnome-terminal: secure keyboard?
- From: Dax Kelson <dkelson inconnect com>
- To: Jim Gettys <jg pa dec com>
- cc: David Coe <david coe someotherplace org>, Miguel de Icaza <miguel nuclecu unam mx>, gnome-list gnome org, recipient list not shown: ;
- Subject: Re: Gnome-terminal: secure keyboard?
- Date: Thu, 3 Jun 1999 14:26:06 -0600 (MDT)
Jim Gettys said once upon a time (Thu, 3 Jun 1999):
> > - Jim
> > Jim, I'm not sure you're talking about the same thing I was
> > talking about, but I may be wrong.
> >
> > In xterm, when you set 'secure keyboard' (in the
> > CTRL-leftbtton menu), no other X app can
> > receive keystrokes until you set it back to normal. It's
> > used when entering plaintext passwords, etc. so that rogue
> > app's can't snoop on what you're typing, I believe. Xterm
> > swaps the foreground and background colors to remind the
> > user s/he's in that mode.
>
> You are right: I'm talking about something slightly different, that
> a terminal emulator should not trust any event that has the "send event"
> flag set, or it is prone to attack by someone trying to get control
> of your machine (which is why that flag is in the protocol in the first
> place).
> - Jim
That breaks stuff like Xvoice which is a voice recognition dictation app
that uses the IBM Linux ViaVoice SDK. It sends synthetic xevents to apps.
Dax Kelson
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]