Password-protecting fedora.

Ow Mun Heng ow.mun.heng at wdc.com
Wed Mar 10 02:40:22 UTC 2004 

> -----Original Message-----
> From: Robin Laing [mailto:Robin.Laing at drdc-rddc.gc.ca]
> Sent: Tuesday, March 09, 2004 11:37 PM
> To: fedora-list at redhat.com
> Subject: Re: Password-protecting fedora.
> 
> 
> Ow Mun Heng wrote:
> > 
> >>-----Original Message-----
> >>From: Robin Laing [mailto:Robin.Laing at drdc-rddc.gc.ca]
> >>Jeff Vian wrote:
> >>
> >>>
> >>>Maynard Kuona wrote:
> >>>
> >>>
> >>>>-----Original Message-----
> >>>>From: fedora-list-admin at redhat.com 
> >>>>
> >>>>On Sun, Mar 07, 2004 at 09:01:20AM +0100, Sturla Holm 
> Hansen wrote:
> >>>>....>  
> >>>>
> >>>>
> >>>>>I know about the built-in security, I was just asking if 
> >>
> >>it was possible
> >>
> >>>>>to pw-protect evolution the way I described because then 
> >>
> >>I wouldn't have
> >>
> >>>>>to lock my screen for leaving the computer for a few 
> minutes and I
> >>>>>wouldn't have to log in with another account when 
> >>
> >>somebody wanted to
> >>
> >>>>>borrow it for something...
> >>>>>  
> >>>
> >>>This leads to the whole thing of
> >>>"I want to allow everyone around to use my computer/account 
> >>
> >>but I want 
> >>
> >>>privacy on my mail."
> >>>
> >>>Guess the OP needs to learn a few basic security practices.
> >>>
> >>>When not at the computer either lock the screen or log off.
> >>>The only alternative that is feasible is don't use anything 
> >>
> >>you don't 
> >>
> >>>want the world to see and don't give yourself access to 
> >>
> >>anything you 
> >>
> >>>don't want the world to use.
> >>>
> >>>Basic security on ANY pc is to do that, and to have a guest 
> >>
> >>account of 
> >>
> >>>some form that casual users can use if you allow them to 
> >>
> >>sit and use 
> >>
> >>>your computer unsupervised.
> >>>
> >>>Having a separate account for casual users (snoopers) 
> >>
> >>provides a means 
> >>
> >>>of tracking what is being done by them.  Allowing them to 
> use *your 
> >>>account* means anything they do is recorded as being done by you.
> >>>
> >>
> >>My feelings are the same.
> >>
> >>I would rather create a junk account that a casual user 
> could use and 
> >>not change anything in my account.  The 20 seconds to logout/in is 
> >>better than having someone decide that they would change my 
> bookmarks 
> >>or worse.  At least there is some control and ability to 
> monitor the 
> >>casual user to a greater degree.
> > 
> > 
> > Actually, Why would you want to do that?? eg: logout and 
> login again?
> > Are you not aware that there's this new feature called "New Login"??
> > Essentially, it creates (another?) X-Session in 
> Virtual-Term-8 (Alt-F8)
> > and presents you with a _new_ login session in which your 
> New users can
> > just use while your own X-Session runs in the background. 
> (and it locks 
> > your existing X-Session using XScreen-saver.) I think this 
> feature has 
> > been around long before MaxOS-X or WInXP newly implemented 
> (I think?) 
> > Fast-User Switching.
> > 
> > Ain't that Just Cool? [1]
> > 
> No, I didn't know about this but reading this list I am learning that 
> this may work and may not.  Some of the replys have stated that the 
> second session isn't full featured (sound, video etc) so it wouldn't 
> work for what I need.  I am going to try it and see how it works.  I 
> will also have to look at background processes.

Both sound and video will work. (TM anyway)
For sound, the irony is that, what happens if you're playing ogg files
on xmms and then your wife logs in (using gdmflexiserver) and wants to
listen to her wav files on xmms? You can do it, but you get 2 diff sounds
coming out of 1 speaker. Why?? (you can do simultaneous streams through
1 sound card using the esd sound server. Look at that option under XMMS)

Video issues? What sorts? Please enlighten. I've not faced with it (yet).

Hmm.. Can you re-state what it is you "need"??

> > I am also not sure what my wife will think of a different way of 
> accessing the computer.

Hmm... XP and MacOS have this same feature. So.. how can it be different?


> I still stand by the original idea of having a seperate account for 
> casual users.

Better separate account rather than the account which has _near_ full root
access using sudo. 

My 2 cents

More information about the users mailing list