[Secure-testing-team] Bug#645427: Stopped locking the screen when closing the laptop lid

Michael Gilbert michael.s.gilbert at gmail.com
Sat Oct 15 23:50:42 UTC 2011

Josh Triplett wrote:
> > shouldn't necessarily be viewed as some kind of security lapse
> > (especially since the screen is going to lock after some timeout
> > anyway).
> "immediately" versus "after several minutes" makes a big difference.

Once the user becomes familiar with the changed behavior, they will
make appropriate behavioral changes; that doesn't mean the screen
locking security model is broken, it's just different.

> > As a counter-point, xscreensaver does not automatically lock on lid
> > close either, and isn't expected to do so, so such behavior need not be
> > considered as a security issue.  I guess what I'm saying is that lid
> > close screen locking has in the past been a choice left up to the user,
> > so there's no reason to consider the same behavior as a security issue
> > now.
> The regression makes it a security issue.  gnome-screensaver previously
> locked on lid close, and now it doesn't.  It doesn't matter what
> xscreensaver does, or what gnome-screensaver does in different
> configurations.

The regression may certainly be a bug, and that's a fine thing to track.
The xscreensaver and gnome-screensaver security models are identical,
and the screen does not have to be locked on close in either.  That's an
option for the user to choose if they like something like that.

Best wishes,

More information about the Secure-testing-team mailing list