Results 1 to 5 of 5

Thread: Sessions should be password protected?

  1. #1
    Join Date
    Oct 2005
    Location
    swuk
    Beans
    53
    Distro
    Kubuntu 8.04 Hardy Heron

    Sessions should be password protected?

    I have put an idea to the ubuntu brainstorm regarding the sessions in ubuntu. You can jump over there to see the details and vote/comment/both by going here;

    http://brainstorm.ubuntu.com/idea/8693/

    Basically put, the idea is;

    To password protect;

    Start Menu > System > Preferences

  2. #2
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Beans
    1,393
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: Sessions should be password protected?

    I do not understand why you would need this. If your computer is unattended and you leave your graphical sesison open, somebody could just as easily open a file browser or terminal and start deleting all of your files. Just lock your desktop if you are going to be away from your machine.

  3. #3
    Join Date
    Jun 2006
    Location
    Switzerland
    Beans
    Hidden!
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: Sessions should be password protected?

    I agree with Monicker on that

  4. #4
    Join Date
    Oct 2005
    Location
    swuk
    Beans
    53
    Distro
    Kubuntu 8.04 Hardy Heron

    Re: Sessions should be password protected?

    Perhaps the post is not clear enough as there seems to be some confusion over how access is gained. I am not worried about someone walking up to my desk and changing the sessions (although it would be annoying). I mentioned in the post 'an outsider or someone on the network', which I was meaning a hacker.

    I also cannot see how sessions are deemed less important than, say, time and date which requires admin privileges to change, when sessions can contain some very important setups.

  5. #5
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Beans
    1,393
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: Sessions should be password protected?

    How is someone going to hack your graphical session from "outside" and get into that menu? Unless you have some kind of poorly implemented remote desktop function running, they will never see your graphical session. That leaves other avenues of attack, such as exploitable/poorly secured services. If I managed to "hack" your ssh password, I would still be able to get into your home folder, where all of your user specific settings are stored, and modify your settings or delete your files. If I managed to get root access by "hacking" your system, then again it does not matter, because then I could change anything on your system. There are several applications which are dependent on the system having a correct date and time - kerberos comes to mind - so it is deemed something which requires admin access in order to change. You can't say the same of user preferences in Sessions.

    So again, why password protect something which is specific to YOUR account and session settings, if you are already logged in as that user?
    Last edited by Monicker; May 18th, 2008 at 07:15 PM. Reason: grammar

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •