
BLU Discuss list archive



[Discuss] can one safely login multiple times to the same user on a modern Linux desktop?



On Fri, Sep 07, 2012 at 10:08:48PM -0400, Rich Pieri wrote:
> On Fri, 7 Sep 2012 20:51:32 -0500
> Derek Martin <invalid at pizzashack.org> wrote:
> 
> > Horse be damned, I think you're still missing the point.  It's what
> > you're protecting, how accessible and available it is, and its value,
> > that matters... not so much what solutions you're using to protect it
> > (unless they're just plain inappropriate for the job).  
> 
> No. You are missing the point. Leaving a workstation logged in and
> unattended weakens or neutralizes any system security you may have.

I haven't missed the point; you haven't made one.  All you're doing is
regurgitating dogma.  Your dogma is technically true, however
practically speaking, it's next to worthless.  Insisting, as you have
here, that any security policy is absolutely and uniformly applicable
to all computing environments, without consideration of the costs vs.
the actual risk mitigated, and without considering cheaper, similarly
effective alternatives, is pure and utter folly.  The tendency for
security engineers to do this is the very reason why many knowledgeable
people cringe whenever someone brings up the topic of security.  It's
not enough to recite garbage you read in some best practices wiki; you
have to use your brain (unless your goal is to pass some standardized
external audit, in which case acting like a parrot is exactly what's
needed).

Risk = potential cost, and security is the pursuit of cost
minimization through risk mitigation (NOT elimination, which is
impossible).  If you're spending more on your solution than you're
likely to lose, you've failed.  If you haven't bothered to even
attempt to consider the cost, you've failed miserably.

Did it also occur to you that it's equally true that leaving a
workstation TURNED OFF and unattended weakens or neutralizes any
system security you may have?  Do you have any policies or
technologies in place specifically to address that threat?  If not,
did you reason out for yourself that the reason it's OK to ignore the
problem is because the COST of solving it is much greater than the
RISK of loss?  

Effectively addressing that threat (i.e. theft of data by theft of
hardware) would involve installing surveillance and alarms to detect the
intrusion, and hiring 24x7 security (REAL security, not retirees
sitting at a desk) to hopefully deter/catch the thieves.  An expensive
proposition, though if your data is really valuable it may be worth
it.  Chances are though, you didn't, because it's not.  And if it's
not, neither is making everyone log out all the time... locking the
screen is just fine, for exactly the same reason: the risk of a
costly compromise is small in comparison to the loss of productivity
and morale.

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail due to spam prevention.  Sorry for the inconvenience.




BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.
