[ubuntu-hardened] Guest account - security implications?

Marc Deslauriers marc.deslauriers at canonical.com
Mon Feb 18 13:02:37 UTC 2013

On 13-02-18 07:59 AM, Daniel Curtis wrote:
> Hi,
> On Xubuntu 12.04 is available an option to logging on the guest account
> without having to type a password. By logging in as a guest, everything
> works
> just like on a normal user account? I mean iptables settings, auto-updates,
> or fstab mount's options etc. There is also AppArmor lightdm-guest-session
> profile; I hope this is not the only protection.
> Best regards!

Yes, the guest account is a normal user account, but confined by an
AppArmor profile. iptables settings and mount options are privileged
operations and requires a user with administrative access, not the guest

Is there something specific you are able to do with a guest account that
you feel you shouldn't be able to?


More information about the ubuntu-hardened mailing list