FW: F7 T2 Security Leak?
Neal Becker
ndbecker2 at gmail.com
Sun Mar 4 21:25:59 UTC 2007
Jesse Keating wrote:
> On Sunday 04 March 2007 12:10:13 Michaël Vanderheeren wrote:
>> There are 2 accounts on a computer, call them A and B. Each account has
>> it's own different password.
>>
>> Person A starts up the computer and logs in. But at a certain point
>> person B wants to use his account for 5 minutes. So he uses the Fast User
>> Switch. As this happens person A's account stays active. But… person B
>> can switch back to person A's account without entering a password! So if
>> person A is gone for a while, person B can steal his documents, delete
>> files, …
>
> Fast User Switching by default enables the screen lock when a user is
> switched
> away from. Could there be a problem with your screen lock?
>
> Please keep in mind that any assumption of security is completely out of
> the water if folks have physical access to your computer, which they must
> have for fast user switching.
>
This comment is a bit extreme. True, in principal there is no security
without physical security - but that hardly means we should offer an open
invitation.
More information about the fedora-devel-list
mailing list