3 Mar
2012
3 Mar
'12
14:32
On 04/03/12 00:53, Per Jessen wrote: > Basil Chupin wrote: > >> On 04/03/12 00:10, Per Jessen wrote: >>> Per Jessen wrote: >>> >>>> Sofar I have been using "Lock" and "Screensaver[any]" >>>> interchangeably. I don't care which one it is as long as (we have a >>>> security profile in which) auto-lock/screen-saver: >>>> >>>> 1) is enabled by default with a reasonable timeout, >>>> 2) cannot be disabled >>> 2) can only be disabled by root >> >> What I am finding very hard to come to grips with is this need to not >> only be unable to disable the screensaver but also to have a root >> password when it is to be disabled. >> >> Why is the screensaver such an important feature? > (screensaver or auto-lock). > Protection of information. People forget to lock their screen when they > go to drink coffee or smoke a cigarette. Having an office PC > auto-locked after X minutes reduces the window of risk. What people > would like displayed instead of their desktop is immaterial, blank > screen, acquarium, banner, whatever. > >> The darn screensaver is using the cpu (and the gpu) to generate stuff >> on the monitor - and this is heating up the cpu which otherwise can >> sit quietly and resting. > Screensaver could be = blank screen. > >> Could you perhaps give an example of why you consider that the >> screensaver is so important and why it would require a root password >> to disable it? All in the cause of educating me of course :-) . > For the first, see above. Second, disabling it should require root > access because it is a security and/or policy feature. Changing the > screensaver toshould be left to the user. I am getting the feeling that you are arguing here from the point of view of the principle of the thing rather than anything else :-) . In a normal office environment nobody is doing anything which other colleagues are not also doing. The only situations where such "not for anyone else's eyes" scenarios could come into play are where someone is doing very confidential work. In which case that person should be allocated a room to work in and which is (a) not accessed by other colleagues and/or (b) in an area where any member of the public is not allowed access; as well as this, a person to whom such a serious task has been assigned would not be someone who just walked off the street but would be a trusted and intelligent person specially selected to do this confidential work. Ok, but let's say that this screensaver thing is operational on the basis which you want it to be. After how many minutes would you want the screensaver to kick in? 1 minute? 2 minutes? 10 minutes? Let's say a person keeps getting phone calls from clients. Everytime he answers the phone the screenblanks after 1 minute or 2 minutes - but he has something on the screen which he has to use to answer the client's question but while he is talking to the client the bloody screen blanks. And he has to put down the phone and type in his password. Or say to the client, "Just a moment please while I re-activate my screen". After several such incidents the fellow will stop answering the phone! But if the screensaver cuts in after, say, 10 minutes after the user goes off to have his cigarette or get a cup of coffee, what is there to stop anyone walking up to the monitor and looking at the screen before it, say, blanks? :-) BC -- The vulgar crowd always is taken by appearances, and the world consists chiefly of the vulgar. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org