[Pkg-xfce-devel] Bug#854344: Password dialog can be skipped using lightdm autologin feature
corsac at debian.org
Sun Mar 12 13:11:47 UTC 2017
On Sun, 12 Mar 2017 12:48:03 +0100 Margarita Manterola <marga at debian.org>
> reassign -1 lightdm 1.18.3-1
> retitle -1 Screensaver lock can be skipped using lightdm autologin
> On 2017-02-06 10:25, Ivar Smolin wrote:
> > If user locks the screen with cinnamon-screensaver, the password dialog
> > can be skipped if lightdm autologin feature is enabled.
> I've verified that this is exactly the same if the user uses the KDE
> screensaver, so I'm reassigning the bug to lightdm.
> > Scenario:
> > 1. Lock the screen
> > 2. Use "Switch users" button to activate the lightdm screen
> > 3. Wait until lightdm autologin timeout is over
> > 4. User desktop is activated
> While I understand that this might be confusing and not what the user
> expects (in some very specific situations), I don't think this is a
> "security" bug. It seems to me that this is basically working as
> intended, and that changing the behavior is a feature request to allow
> very specific usecases (i.e. not having to type 2 passwords if your disk
> is encrypted or having a session start automatically and then get locked
> Still, I'll let the lightdm maintainers decide on that.
Agreed, it looks to me like it's running more or less as intended. Can you be
a little bit more specific on what would be the expected behavior from your
point of view?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: This is a digitally signed message part
More information about the Pkg-xfce-devel