Allowing passwordless login via GDM
reitblatt at gmail.com
Tue Feb 27 09:05:26 UTC 2007
On 2/27/07, Florian Hackenberger <f.hackenberger at chello.at> wrote:
> On Monday 26 February 2007 22:33, Mike Fedyk wrote:
> > So does GDM.
> No, it doesn't. As the OP tried to point out, there is a semantic difference
> between autologin and password-less login. Autologin automatically logs one
> specific user into the system, while password-less login requires the user to
> type in the username and press enter. It allows the user to choose at login
> time which system user will log into the system.
> While password-less logins are inevitably a privacy concern, I think we
> should enable our users to make an educated choice by providing the feature
> (like kdm does) and making 100% sure that they are informed what the
> consequences are (reduced security, decrease of privacy, tell them not to
> save any important data using this account...).
I was raised that physical access trumps all security measures (except
properly applied crypto). I fail to see how this significantly affects
security (except for laptops).
We're not talking about passwordless accounts, but rather bypassing
the password for physical access. I can see how this would be useful
for public computers such as libraries and kiosks. Perhaps a school
computer has a default passwordless logon for students, and allows
teachers to login w/ their own account/password.
Our users are not idiots, despite how much some of you seem to think
they are. That passwordless logons have privacy implications is quite
obvious, even to non-technical users. It also seems that there could
be benefits and applications for such a feature.
However, this should also be considered in light of the requests to
auto-login for gnome-keyring. It seems that it would be more correct
to distinguish between password/passwordless logons for that spec.
Anybody who tells me I can't use a program because it's not open
source, go suck on rms. I'm not interested. 99% of that I run tends to
be open source, but that's _my_ choice, dammit.
-- Linus Torvalds
More information about the Ubuntu-devel-discuss