GNOME Bugzilla – Bug 128940
Conform to CSC-STD-002-85 [security auditing information]
Last modified: 2004-03-09 20:09:55 UTC
The CSC-STD-002-85 "Department of Defense Password Management Guideline" (Green Book) document specifies several guidelines for password management. Among these are auditing features for the user to be able to quickly recognize any illegitimate usage of his account. This information is generally supplied by PAM, and tends to include:
- Date and time of last log-in
- Location of last log-in, including vc, pty, or display (vc/1 physical virtual console, pty network console {i.e. ssh}, or X display such as :0 or :1 or possibly a remote X display); physical location class ("local" or "remote"); and, for remote log-ins, hostname and/or IP address of prior log-in.

Specific areas addressed in this guideline include the responsibilities of the system security officer and of users, the functionality of the authentication mechanism, and password generation. The major features advocated in this guideline are:
* Users should be able to change their own passwords.
* Passwords should be machine-generated rather than user-created.
* Certain audit reports (e.g., date and time of last login) should be provided by the system directly to the user.
-- Excerpt from http://www.radium.ncsc.mil/tpep/library/rainbow/CSC-STD-002-85.html, Section 1.0

* Auditing
Password systems used to control access to ADP systems that process or handle classified or other sensitive information must be able to assist in the detection of password compromise.
-- Excerpt from http://www.radium.ncsc.mil/tpep/library/rainbow/CSC-STD-002-85.html, Section 2.0

In lieu of the above, I believe that an option to retrieve said PAM information upon user authentication and display it to the user in a message box, and preferably to allow the user to cancel and kill his log-in and avoid potentially running a startup script containing a malicious program during a legitimate log-in, should be added to GDM.
It can initially be implemented as a simple pop-up dialog, but in the future it could be implemented in a similar way as the "YOU'VE GOT CAPSLOCK ON!!" warning to achieve a more aesthetic result while still gaining the same functionality.
This could currently be done by just modifying the Xsession script to display this info using something like zenity and exiting with error code 66 if the user wishes to cancel the session (to avoid the session crashed dialogue). However this is not likely desirable for a regular install ... Perhaps there should be some configure option or at least a mention in the docs about this.
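The workaround described in the comment above, written out as an added example that is not code from this bug or from GDM: an Xsession fragment that summarises the user's recent log-ins from `last`, classifies each as local or remote so an unexpected remote entry stands out, shows the summary in a zenity question dialog, and exits with status 66 if the user chooses not to continue. Assumptions: `last -n N user` and `zenity --question --text=...` behave as on a typical Linux desktop, `$USER` is set by the display manager, the `LASTINFO_DEMO` variable and the sample `last` output are constructed here so the script can be run without a display.

```sh
#!/bin/sh
# Added example, not code from the bug or from GDM: an Xsession fragment that
# shows the user their recent log-ins and lets them abort the session with
# exit status 66 (the code the comment above names) before any startup
# script is run.

# Constructed sample of `last` output so the script can be exercised offline.
SAMPLE_LAST='alice    pts/1        203.0.113.7      Mon Mar  8 21:14   still logged in
alice    :0           -                Mon Mar  8 09:02 - 17:30  (08:28)
alice    tty1                          Sun Mar  7 22:10 - 22:45  (00:35)

wtmp begins Sat Mar  6 00:00:01 2004'

# format_last_info: rewrite `last` lines as "[local|remote] <where>: <when>".
# Local = physical console (tty*/vc*) or an X display (":0"); remote = a pty
# with a host name or address. A line with no host column is recognised by
# the third field already being a weekday name.
format_last_info() {
    printf '%s\n' "$1" | awk '
        NF == 0 || $1 == "wtmp" { next }
        {
            tty = $2
            if ($3 ~ /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun)$/) { host = ""; start = 3 }
            else { host = $3; start = 4 }
            when = ""
            for (i = start; i <= NF; i++) when = when (i > start ? " " : "") $i
            if (tty ~ /^(tty|vc)/ || tty ~ /^:/ || host == "-" || host == "")
                printf "[local] %s: %s\n", tty, when
            else
                printf "[remote] %s from %s: %s\n", tty, host, when
        }'
}

# count_remote: number of remote log-ins in a formatted summary.
count_remote() {
    printf '%s\n' "$1" | grep -c '^\[remote\]'
}

# confirm_session: show the summary and let the user abort before any startup
# script runs. zenity --question returns 0 for OK and non-zero for Cancel.
confirm_session() {
    summary=$(format_last_info "$1")
    if ! zenity --question --title="Recent log-ins" \
            --text="Recent log-ins for $USER:\n\n$summary\n\nContinue with this session?"; then
        exit 66
    fi
}

# Real use inside Xsession (assumption: a display is available at this point):
#   confirm_session "$(last -n 3 "$USER")"
# The constructed sample is only shown when explicitly requested, so the file
# can also be sourced without opening a dialog.
if [ "${LASTINFO_DEMO:-0}" = 1 ]; then
    confirm_session "$SAMPLE_LAST"
fi
```

The classification mirrors the "local"/"remote" location class the bug asks for: a pty entry carrying a host name or address is the one a user would not expect to see if they only ever log in at the console.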
Just adding this to CVS. That is, the last info as returned by /usr/bin/last is displayed after the username is entered in the ERRBOX. It can be turned off by the DisplayLastInfo key.
This has localization implications...