A secure attention key (SAK), special attention key, or secure attention sequence (SAS) is a special key, key combination or sequence to be pressed on a

computer keyboard A computer keyboard is a built-in or peripheral input device modeled after the typewriter keyboard which uses an arrangement of buttons or Push-button, keys to act as Mechanical keyboard, mechanical levers or Electronic switching system, electro ...

before a

login In computer security, logging in (or logging on, signing in, or signing on) is the process by which an individual gains access to a computer system or program by identifying and authenticating themselves. Typically, user credential ...

screen which must, to the user, be completely trustworthy. The

operating system An operating system (OS) is system software that manages computer hardware and software resources, and provides common daemon (computing), services for computer programs. Time-sharing operating systems scheduler (computing), schedule tasks for ...

kernel, which interacts directly with the hardware, or init system is able to detect whether the secure attention key has been pressed. When this event is detected, the trusted login processing is started. The secure attention key is designed to make login spoofing impossible, as the kernel will suspend any program, including those masquerading as the computer's login process, before starting a trustable login operation.

Examples

Some examples are: * : Introduced in

systemd systemd is a software suite that provides an array of system components for Linux operating systems. The main aim is to unify service configuration and behavior across Linux distributions. Its primary component is a "system and service manage ...

v257 as a more reliable SAK for

Linux Linux ( ) is a family of open source Unix-like operating systems based on the Linux kernel, an kernel (operating system), operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically package manager, pac ...

distributions but may require support from the currently running

desktop environment In computing, a desktop environment (DE) is an implementation of the desktop metaphor made of a bundle of programs running on top of a computer operating system that share a common graphical user interface (GUI), sometimes described as a graphi ...

. It is implemented as of gdm (

GNOME A gnome () is a mythological creature and diminutive spirit in Renaissance magic and alchemy, introduced by Paracelsus in the 16th century and widely adopted by authors, including those of modern fantasy literature. They are typically depict ...

display manager) 47. * on

X Window System The X Window System (X11, or simply X) is a windowing system for bitmap displays, common on Unix-like operating systems. X originated as part of Project Athena at Massachusetts Institute of Technology (MIT) in 1984. The X protocol has been at ...

immediately kills the X server (although the key combination can be disabled) and can be used to quickly and easily get back to the login prompt. * default sequence for

. Not a true C2-compliant SAK. * then on

AIX Aix or AIX may refer to: Computing * AIX, a line of IBM computer operating systems *Alternate index, for an IBM Virtual Storage Access Method key-sequenced data set * Athens Internet Exchange, a European Internet exchange point Places Belg ...

, but it can be disabled. * for

PLATO IV PLATO (Programmed Logic for Automatic Teaching Operations), also known as Project Plato and Project PLATO, was the first generalized computer-assisted instruction system. Starting in 1960, it ran on the University of Illinois's ILLIAC I compu ...

in the 1970s. * for Windows NT.

References

Computer security procedures Computer access control {{desktop-environment-stub

Examples

See also

References