Re: FW: F7 T2 Security Leak?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Michaël Vanderheeren wrote:
I think there's a security leak in F7. I found out the next thing:

Look at this situation:

There are 2 accounts on a computer, call them A and B. Each account has it's own different password.

Person A starts up the computer and logs in. But at a certain point person B wants to use his account for 5 minutes. So he uses the Fast User Switch. As this happens person A's account stays active. But… person B can switch back to person A's account without entering a password! So if person A is gone for a while, person B can steal his documents, delete files, …

Not a bug. Not a security problem. I've tested FUSA on Gnome and it works beautifully. Locks by default, doesn't lock when I disable it, as it should not. However KDE (Switch User) does not honor the locking setting established by Gnome.

FUSA may well be FC7's best feature. I use many accounts simultaneously. FUSA and VNC are just a dream. I would be beside myself if Fedora slowed down FUSA by forcing me to use a false sense of security on my own computer.

-pmr

--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux