On Thu, Mar 15, 2007 at 09:37:03PM +0900, Arwyn Hainsworth wrote:
> On 15/03/07, Soren Hansen <[EMAIL PROTECTED]> wrote:
> >On Thu, Mar 15, 2007 at 10:23:32AM +0900, Arwyn Hainsworth wrote:
> >> >I've always thought that the option of just giving any user access
> >> >without authentication is broken and should be removed. Something
> >> >like what happened to this user was bound to happen sooner or later
> >> >and I can't think up a use case that justifies its presence. Can any
> >> >of you?
> >> I had a friend once who kept his home PC on so that he could log in
> >> via remote desktop from work. IMHO that's a perfectly normal use case,
> >> so it should be possible to log in without local user intervention and
> >> removing that ability would be a mistake.
> >And he can't remember a simple password?
> I think you are misunderstanding my point or I was misunderstanding
> yours.

I asked for a use case where it made sense to allow access without any
form of authentication. Your response was a use case where someone
needed access from the outside to an unmonitored machine. I failed to
understand why said user was dependent on not having to give a password
for that.

> Some form of authentication should be required. It can be either
> password authentication, public/private key authentication, direct
> user intervention or a mixture of 2 or 3 of the above. Providing at
> least one method of authentication is active I see no problem, however
> I do agree that allowing remote connection without any form of
> authentication is a security flaw and should not be possible.

Indeed.

> After checking Preferences->Remote_Desktop it does indeed seem to be
> possible to disable all forms of authentication. Not good.

If no one comes up with a proper use case I'll just hack together a patch
that makes it impossible.

--
| Soren Hansen      | Linux2Go                  | http://Linux2Go.dk/ |
| Seniorkonsulent   | Lindholmsvej 42, 2. TH    | +45 46 90 26 42     |
| [EMAIL PROTECTED] | 9400 Norresundby, Denmark | GPG key: E8BDA4E3   |