Dotan Cohen <[email protected]> writes:
> My laptop password-protects the harddrive, to unlock it I must enter a
> password before the BIOS starts the OS. Is it thus redundant to have a
> password at the KDM logon screen?
I don't know about you, but I occasionally leave my laptop unattended,
and while the KDE screen-saver locks it, it also offers the "switch
user" option.
Using that someone could trivially open a new KDM login prompt, hit
return, and have access to your identity. Not much fun.
A lot of Unix security assumes that you prompt for authentication before
allowing access to a user account; while you can violate that you will
find that it does[1] open security holes by violating upstream
maintainers assumptions.
Regards,
Daniel
Footnotes:
[1] More precisely, "is extremely likely to without very, very careful
configuration on your part, such that you are unlikely to always
succeed in finding the holes before they are exposed."
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
