|
Question of the Day:
Why does any Admin's password unlock a screen lock?
If I have an account on your machine with 'admin' privs* and your machine allows remote login, then I can log-on either from the console or remotely and attain any level of privilege I desire, be it 'root' or even 'becoming' another user. That is the power of being an OS X admin user with unrestricted access to 'sudo'
What is the rational behind allowing any Admin to unlock a screen lock?
Traditionally:
- UNIX systems allow remote login
- UNIX systems are multi-user time-sharing systems.
- There are certain admin operations that one ought to do from the console terminal (like mucking with network configs or attached devices, running certain important commands - starting services or back-ups which remain active and attached to the login shell.)
- If someone has admin privs, they should be a trusted person.
So when someone hogs the console (leaving it screen-locked)
- Is it not much kinder and gentler to allow some other (trusted) person [with privileged access] to unlock the session and log you out (hopefully saving any work in progress without committing changes)?
The alternative is that the other 'root' enabled person logs in and kills the parent process for your login at which point all of the children (shells, windows, ongoing editing sessions, etc.) DIE, often losing work in progress.
Given that the anyone with the root account can trash your abandoned session OR assume your identity, to start with, does it not make much more sense to allow them to *nicely* terminate your abandoned screen lock?
Can this be improved?
On some systems when another admin enters their password, the original user is logged out and then the second user can log in. This is a fine solution for all but the most dire of circumstances.
Date Created: Sat, 12 Oct 2002 12:11:52 -0400 |
