Re: Proposal for inclusion in desktop: gnome-screensaver

On Wed, 2005-10-26 at 16:54 +0200, Xavier Bestel wrote:
> On Wed, 2005-10-26 at 16:44, Rodney Dawes wrote:
> > 3. Unlocking the screen with the root password should do the same as
> > choosing switch users, and logging in as root. Not doing so is a privacy
> > and security issue, as it may allow root access to remote hosts, that
> > root normally does not have access to.
> Root has access to everything on a normal linux system.

Root on a local machine does not typically have access to all of my
remote accounts. Root may be able to su - user, and have access to all
my files, but not knowing my ssh key passphrase, he wouldn't have access
to my ssh logins on remote hosts. On the other hand, with X, and
ssh-agent, if he gains access to my session, he then has the access to
those remote hosts, very trivially.

And no, the answer to this is not "do not use ssh-agent".

-- dobey

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]