Version: (using KDE 4.1.2) OS: Linux Installed from: Ubuntu Packages This feature was originally requested here: https://launchpad.net/bugs/237721 From the report: "In many environments computers are left unattended (e.g. schools, libraries, etc) and people can launch applications which mimic the look-and-feel of the login application (GDM) [KDM in our case] in order to get the users username and password. This is called login spoofing. * http://en.wikipedia.org/wiki/Login_spoofing Login spoofing can be prevented by using a secure attention key which is a key combination pressed before the user login to launch the password request dialog. This key can only be seen by the kernel, and not sniffed by any application. * http://en.wikipedia.org/wiki/Secure_attention_key"
can this be done with the technologies currently available on linux (or some other major *nix)? linux has a SAK in theory, but i have no idea how that works and how it interacts with the x server. does the x server itself support something like that? it would have to be safe against keyboard and server grabs and getting hold of it should be reserved to the very first client which connects the server (which would be the display manager).
After further investigation at the downstream bug it has been determined that there probably would be a need for lower-level changes to take place before this could be implemented.
KDM is unmaintained and not used in KDE Plasma 5. SDDM is the login manager used in KDE Plasma 5. If you still have this same issue with SDDM, please file an issue on the SDDM bugtracker (after doing a search for existing issues first!): https://github.com/sddm/sddm/issues/