Bug#578736: This is actually a security concern

Josselin Mouette joss at debian.org
Tue May 4 17:16:39 UTC 2010

Le mardi 04 mai 2010 à 08:48 +0200, Soeren Sonnenburg a écrit : 
> > Would you give a better rationale before playing BTS ping-pong?
> So you would expect that if you *log out* and turn away from your
> computer that you are suddenly logged in again?

I would expect you can trust anyone having physical access to a computer
with autologin enabled, so it doesn’t matter in terms of security.

If someone you don’t trust has access to your computer when you turn
away from it, he might also reboot it and benefit from the autologin.

I’m not implying it’s not a bug. If you logged off, you don’t
necessarily want the session to restart, so this is definitely one. But
it has no security implications.

 .''`.      Josselin Mouette
: :' :
`. `'  “If you behave this way because you are blackmailed by someone,
  `-    […] I will see what I can do for you.”  -- Jörg Schilling
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20100504/6109358c/attachment.pgp>

More information about the pkg-gnome-maintainers mailing list