F7 T2 Security Leak?
Michaël Vanderheeren
michael.vanderheeren at gmail.com
Sun Mar 4 16:53:56 UTC 2007
I think there's a security leak in F7. I found out the next thing:
Look at this situation:
There are 2 accounts on a computer, call them A and B. Each account has it's
own different password.
Person A starts up the computer and logs in. But at a certain point person B
wants to use his account for 5 minutes. So he uses the Fast User Switch. As
this happens person A's account stays active. But
person B can switch back
to person A's account without entering a password! So if person A is gone
for a while, person B can steal his documents, delete files,
Greetings,
Michaël Vanderheeren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-security-list/attachments/20070304/3861f5f9/attachment.htm>
More information about the Fedora-security-list
mailing list