Given the security implications for users who do use full-disk encryption, I strongly object to "wishlist" importance here -- this represents a major regression, in my mind (and for my personal machines), which will force me to work around in an annoying way if it is not fixed.
In addition, I would argue that autologin is entirely the wrong setting to look at here. Instead, if a user has configured the screensaver to lock the screen when idle, then the machine should also lock on suspend, and vice versa. This is certainly the behavior I had always assumed Ubuntu had, and am surprised to hear it is not. Autologin is a *very* poor proxy for "Is the state of this machine while suspended worth password-protecting?". Encrypted disks are an obvious reason, but there are also things like keys stored in the keyring that a user has decrypted once with a password, but are now stored in-RAM in the clear. Similarly, networked credentials like Kerberos tickets might be present on a suspended, that would not be present if an attacker rebooted the machine. There is also the simpler issue of social conventions and expectations -- My roommates and I might leave laptops around shared space in an apartment with the implicit convention of "If the screen is locked, don't use it; but if it unlocks when you poke it, feel free to use my web browser to look something up". In such a case, the lock screen is not a security mechanism at all, but just a social indicator of the expected use for this laptop. Currently, I can control the lock behavior if the machine is left idle for five minutes via the screensaver; Why should I not be able to do so when the machine suspends? Or, even better, why should it not be the same setting? -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-settings-daemon in Ubuntu. https://bugs.launchpad.net/bugs/938076 Title: Auto-lock on suspend is still needed when encrypting file system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-settings-daemon/+bug/938076/+subscriptions -- desktop-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
