[Bio-linux-dev] Security
Tim Booth
tbooth at ceh.ac.uk
Fri Sep 12 08:03:53 EDT 2014
Hi Tony,
For some reason I thought this was an install-time option. Maybe it was
in the past or maybe my memory is failing (not for the first time).
So yes, it is basically inherited from Ubuntu. But I'm not convinced it
is insecure for most users, and certainly if users do want to let their
guests on the machine is is more secure then the traditional "here's my
password on a post-it note" approach, so I'd be reluctant to remove it
without an obvious way to put it back or knowing some specific threat
that it exposes. My impression is that only users at the local console
can get a guest session, so for servers locked in the server room it
should be a moot point?
Cheers,
TIM
On Wed, 2014-09-10 at 15:55 +0100, Tony Travis wrote:
> Hi, Tim.
>
> I've just noticed that the "guest" account is enabled on Bio-Linux 7 and
> 8 - Is that by design, or inherited from Ubuntu?
>
> I think that's insecure, so I disabled "guest" on the console using:
>
> > # disble guest login on console
> > vim lightdm.conf
> > ...
> > [SeatDefaults]
> > user-session=ubuntu
> > greeter-session=unity-greeter
> > autologin-user=
> > allow-guest=false
> > ...
> > service lightdm restart
> >
> > # kill any "guest" processes left running
> > pkill -U guest-BA5aVt
>
> Where "guest-BA5aVt" is the obfuscated name of the guest user on that
> particular system...
>
> Bye,
>
> Tony.
>
> --
> Dr. A.J.Travis, University of Aberdeen, Institute of Biological and
> Environmental Sciences, Cruickshank Building, St. Machar Drive, Aberdeen
> AB24 3UU, Scotland, UK. tel +44(0)1224 272700, fax +44 (0)1224 272 396
> http://www.abdn.ac.uk, mailto:tony.travis at abdn.ac.uk, skype:ajtravis
>
>
> The University of Aberdeen is a charity registered in Scotland, No SC013683.
> Tha Oilthigh Obar Dheathain na charthannas clàraichte ann an Alba, Àir. SC013683.
> _______________________________________________
> Bio-Linux-dev mailing list
> Bio-Linux-dev at nebclists.nerc.ac.uk
> http://nebclists.nerc.ac.uk/mailman/listinfo/bio-linux-dev
--
Tim Booth <tbooth at ceh.ac.uk>
NERC Environmental Bioinformatics Centre
Centre for Ecology and Hydrology
Maclean Bldg, Benson Lane
Crowmarsh Gifford
Wallingford, England
OX10 8BB
http://nebc.nerc.ac.uk
+44 1491 69 2705
More information about the Bio-linux-devel
mailing list