[LINK] RFI: Multi-User Capability on User Machines
Chris Maltby
chris at sw.oz.au
Mon Sep 4 17:01:18 AEST 2006
On Mon, Sep 04, 2006 at 04:43:07PM +1000, Roger Clarke wrote:
> Chris's post makes clear to me that I still haven't been precise
> enough in the way I've formulated my question. (This is harder than
> I thought!).
>
> I'm not concerned about whether users can be running concurrently.
>
> I'm concerned about whether separate users, using the machine at
> different times, can rest assured that their data is secure against
> the prying eyes of others who have access to the machine.
>
> One test-case is siblings in the same household. Can Big Sis avoid
> her love-letters being accessed by Kid Brother?
>
> Another, more relevant test-case is flatmates in the same household.
> Can each flatmate establish their own relationships with, for
> example, eBay and Amazon, confident that their profiles (server-side)
> and cookies (client-side) won't be polluted by their flatmates using
> the machine?
>
> Clearly this depends upon Big Sis and Flatulent Flatmate religiously
> logging out every time they leave the machine.
>
> But if they do so, can they be confident that their profiles and
> cookies are inviolate?
>
> I'm intentionally overlooking those with super-user privileges on the
> device (or their equivalent in other-OS-speak), and seriously smart
> operators who can fire up the disk-drive on a different machine and
> extract whatever they want from it.
Yes. Windows since NT3.1 (1996?) has supported this kind of separation.
Windows XP makes it reasonably convenient to do this - even allowing
different user sessions to be established simultaneously and switched
between without logging out. Not everything is private between these
sessions though - eg network connections. The aim is to provide the
feature set you seek - a single computer shared by users in a home
environment who access it alternately, not simultaneously.
I'm not sure if the default mode makes user files inaccessible to other
unprivileged users - but you can turn that on if you want. You can also
enable personal data encryption on a per file or folder basis. Heaven help
you if you use a locally generated key and then lose it (say in a crash).
Chris
More information about the Link
mailing list