On Fri, Oct 29, 1999 at 09:57:18AM +0200, Flothow, Sebastian wrote: > so you can log out the current user and quit all apps without having to > enter a password? i think this is the real security flaw, not apps which ask > wether you want to save changes. No, the dialogs still show up if you try to quit from that logout screen, which means that you can click cancel in any of them, cancel the logout process, and have access to the "locked" machine. Having the logout button quit apps is no different than having a logout button in xlock, and is a regular practice in any crowded lab. (The one here doesn't show up for half an hour.) It's not fair for others to occupy a machine they're not actually using in a lab. I'll grant that Mac OS 9 is a little bit different in that if you have some long running process you can't just ssh in and run it, but the only kind of long-running process anybody could want to do on a mac is a Photoshop filter (or similar). This will be an incredible boon to people who run labs full of macs for students at universities, provided Apple gets their act together so that it isn't blatantly insecure (defeating the purpose of having a locking procedure at all). ~ g r @cs.swarthmore.edu
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:09:18 PDT