Mailinglist Archive: opensuse (1165 mails)

< Previous Next >
Re: [opensuse] Re: Should openSUSE review it's Security Policies?
  • From: C <smaug42@xxxxxxxxxxxx>
  • Date: Fri, 2 Mar 2012 15:28:00 +0100
  • Message-id: <CAOVv=gOkKCJewq9NM9-sp0CQ_TBXcuLdH6OQ7Htj6JKwaGCwQQ@mail.gmail.com>
On Fri, Mar 2, 2012 at 15:04, Per Jessen <per@xxxxxxxxxxxx> wrote:
Purely a tangent here, but at least security policy related - a while
ago, I created a FATE request suggesting we alter the default settings
in the GUI to 1) always enable to screen-saver, 2) always require
password when locked and 3) prevent the user from disabling the screen
saver.  It wasn't met with great approval :-(

And not much wonder. While that might make sense on a corporate
desktop (I've had at least one employer enforce that exact scenario),
if you try to do that on my desktop computer... I'll be VERY grumpy.
I do not use a screensaver at all at home... and the computer is never
"locked". The very first thing I do after an install is disable the
screensaver. If the user was prevented from disabling the screensaver
(requiring root or whatever to config), you would have a MUCH bigger
outcry than a Linux guru grumping about printer configs and WiFi.


Default to the medium security profile.  Let the user pick an option
at install time, and give them a YaST module to change it if it's too
restrictive (or not restrictive enough).

The user should be able to see what the policy currently lets them do.

+1

That is a great idea in my view... if we could decide on what is in
each... and ensure that low isn't so low as to introduce a major
security hole... this could be a nice solution. It has the potential
to make everyone happy... including people who want a permanent
screensaver with password requirement :-)

C.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
Follow Ups