At 08:38 PM 3/5/98 -0500, andrew fabbro wrote:
Can you build a reliable login tripwire on a machine where you don't have root access and root is likely a malicious character? The answer is...maybe! It requires a fairly sophisticated protocol and a lot of work...here are three of my ideas that didn't pan out, one that probably would, and a lot of caveats. I'd appreciate comments, criticism, etc. from other 'punks.
Look up Ross Anderson et al's paper, Programming Satan's Computer, in which a similarly omnipotent and malicious programming environment is discussed. ------------------------------------------------------------ David Honig Orbit Technology honig@otc.net Intaanetto Jigyoubu "But if we have to use force, it is because we are America; we are the indispensable nation." ---Secretary of State Madeleine K. Albright http://www.jya.com/see-far.htm