Re: Does KDM need a password?
2009/1/26 Daniel Pittman <daniel@rimspace.net>:
> I don't know about you, but I occasionally leave my laptop unattended,
> and while the KDE screen-saver locks it, it also offers the "switch
> user" option.
>
Thank. I _never_ leave the machine unattended. It would be stolen immediately.
> Using that someone could trivially open a new KDM login prompt, hit
> return, and have access to your identity. Not much fun.
>
My identity? They can have it! In any case, once they have the
hardware, even a password prompt at the KDM won't help if that is what
they want.
> A lot of Unix security assumes that you prompt for authentication before
> allowing access to a user account; while you can violate that you will
> find that it does[1] open security holes by violating upstream
> maintainers assumptions.
>
This is exactly why I asked! I would like to know if there are some
hidden gotchas that I am not aware about, besides the obvious..
--
Dotan Cohen
http://what-is-what.com
http://gibberish.co.il
א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת
ا-ب-ت-ث-ج-ح-خ-د-ذ-ر-ز-س-ش-ص-ض-ط-ظ-ع-غ-ف-ق-ك-ل-م-ن-ه-و-ي
А-Б-В-Г-Д-Е-Ё-Ж-З-И-Й-К-Л-М-Н-О-П-Р-С-Т-У-Ф-Х-Ц-Ч-Ш-Щ-Ъ-Ы-Ь-Э-Ю-Я
а-б-в-г-д-е-ё-ж-з-и-й-к-л-м-н-о-п-р-с-т-у-ф-х-ц-ч-ш-щ-ъ-ы-ь-э-ю-я
ä-ö-ü-ß-Ä-Ö-Ü
Reply to: