Bug 117676 - insecure default for autologin
Summary: insecure default for autologin
Status: RESOLVED INVALID
Alias: None
Product: SUSE LINUX 10.0
Classification: openSUSE
Component: Installation (show other bugs)
Version: unspecified
Hardware: All All
: P5 - None : Enhancement
Target Milestone: ---
Assignee: Jiří Suchomel
QA Contact: Klaus Kämpf
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-09-18 14:29 UTC by m. bracher
Modified: 2005-09-19 13:41 UTC (History)
1 user (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description m. bracher 2005-09-18 14:29:57 UTC 
In the installation step for creating a new user account, the checkbox for
AutoLogin is enabled by default.
This little checkbox can be overlooked very easy. For security reasons the
default should be disabled. 
Alternative: use radio-buttons with no default to enforce a decision of the user.
Comment 1 Stefan Hundhammer 2005-09-19 13:20:17 UTC 
This was an explicit wish from the product manager. This option is 
configureable per-product - it is on for the retail product (the SuSE Linux 
box) and off for SLES (which is targeted at business users). 
 
There must be a dozen or so bugs discussing this in great detail. 
 
And no, explicitly asking the user is _not_ an option. We try to minimize the 
number of questions we ask.
Comment 2 Jiří Suchomel 2005-09-19 13:41:26 UTC 
Andreas, JFYI.
Solved for example in Bug #44493.