nordi wrote:
[...]
If (and only if) the user has adequately secured both his BIOS and his boot loader he can start worrying about auto login, which does _not_ give you full control over the system, in contrast to the other two. I think that it is safe to assume that every user that secures his BIOS and boot loader is also clever enough to turn off auto login.
Nobody said the auto login feature should be removed ;-) It is just a matter of policy whether to enable this feature by default. I remember the ancient SuSE distributions when the apache webserver was installed *and* activated by default. So we had lots of (more or less) unconfigured webservers around the world (well, call it Germany or maybe Europe at that time; I don't think that SuSE Linux was well known and frequently used outside of Europe at that time) because sometimes people were not even aware that this service had been activated during setup. Of course, you can always use the argument "you can switch it off if you like", but I don't like such a policy for default settings - I prefer not having a default auto login although it might appear a bit antiquated to others who might already know this feature very well from the Windows world (call them, maybe, Linux newbies). Unfortunately, it gets more and more complicated with every new SuSE Linux version to *deactivate* these "features" (auto login, subfs, suseplugger, etc.). Yes, maybe I am a dinosaur on that score :-) I will not be surprised seeing one day a Linux distribution which promotes working as root all the time because it's so much easier to install RPMs and you don't have to enter that annoying root password everytime... Greetings from London, Th.