Bug#578736: This is actually a security concern

2010-05-04 Thread Tixy
I'm a user of Debian who also makes use of autologin for the same reason as Soeren, namely: "Encrypted filesystem (root/home). So directly after booting you enter your system password and it is just annoying to type your user password again. In this case logging off really -> $SHELL has

Bug#578736: This is actually a security concern

2010-05-04 Thread Soeren Sonnenburg
On Tue, 2010-05-04 at 19:16 +0200, Josselin Mouette wrote: > Le mardi 04 mai 2010 à 08:48 +0200, Soeren Sonnenburg a écrit : > > > Would you give a better rationale before playing BTS ping-pong? > > > > So you would expect that if you *log out* and turn away from your > > computer that you are su

Bug#578736: This is actually a security concern

2010-05-04 Thread Josselin Mouette
Le mardi 04 mai 2010 à 08:48 +0200, Soeren Sonnenburg a écrit : > > Would you give a better rationale before playing BTS ping-pong? > > So you would expect that if you *log out* and turn away from your > computer that you are suddenly logged in again? I would expect you can trust anyone having p

Bug#578736: This is actually a security concern

2010-05-03 Thread Soeren Sonnenburg
On Tue, 2010-05-04 at 08:40 +0200, Josselin Mouette wrote: > Le mardi 04 mai 2010 à 07:38 +0200, Soeren Sonnenburg a écrit : > > Package: gdm3 > > Version: 2.30.2-1 > > Severity: grave > > > > a user logging out would not expect his session to be auto-logged in > > again / a background crash hand

Bug#578736: This is actually a security concern

2010-05-03 Thread Josselin Mouette
Le mardi 04 mai 2010 à 07:38 +0200, Soeren Sonnenburg a écrit : > Package: gdm3 > Version: 2.30.2-1 > Severity: grave > > a user logging out would not expect his session to be auto-logged in > again / a background crash hands over the users session Would you give a better rationale before playin

Bug#578736: This is actually a security concern

2010-05-03 Thread Soeren Sonnenburg
Package: gdm3 Version: 2.30.2-1 Severity: grave a user logging out would not expect his session to be auto-logged in again / a background crash hands over the users session -- System Information: Debian Release: squeeze/sid APT prefers stable APT policy: (700, 'stable'), (650, 'testing'), (6