[ubuntu-hardened] Guest account - security implications?
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Feb 18 13:02:37 UTC 2013
On 13-02-18 07:59 AM, Daniel Curtis wrote:
> Hi,
>
> On Xubuntu 12.04 is available an option to logging on the guest account
> without having to type a password. By logging in as a guest, everything
> works
> just like on a normal user account? I mean iptables settings, auto-updates,
> or fstab mount's options etc. There is also AppArmor lightdm-guest-session
> profile; I hope this is not the only protection.
>
> Best regards!
>
>
Yes, the guest account is a normal user account, but confined by an
AppArmor profile. iptables settings and mount options are privileged
operations and requires a user with administrative access, not the guest
account.
Is there something specific you are able to do with a guest account that
you feel you shouldn't be able to?
Marc.
More information about the ubuntu-hardened
mailing list