[LINK] RFI: Multi-User Capability on User Machines

Chris Maltby chris at sw.oz.au
Mon Sep 4 17:01:18 AEST 2006


On Mon, Sep 04, 2006 at 04:43:07PM +1000, Roger Clarke wrote:
> Chris's post makes clear to me that I still haven't been precise 
> enough in the way I've formulated my question.  (This is harder than 
> I thought!).
> 
> I'm not concerned about whether users can be running concurrently.
> 
> I'm concerned about whether separate users, using the machine at 
> different times, can rest assured that their data is secure against 
> the prying eyes of others who have access to the machine.
> 
> One test-case is siblings in the same household.  Can Big Sis avoid 
> her love-letters being accessed by Kid Brother?
> 
> Another, more relevant test-case is flatmates in the same household. 
> Can each flatmate establish their own relationships with, for 
> example, eBay and Amazon, confident that their profiles (server-side) 
> and cookies (client-side) won't be polluted by their flatmates using 
> the machine?
> 
> Clearly this depends upon Big Sis and Flatulent Flatmate religiously 
> logging out every time they leave the machine.
> 
> But if they do so, can they be confident that their profiles and 
> cookies are inviolate?
> 
> I'm intentionally overlooking those with super-user privileges on the 
> device (or their equivalent in other-OS-speak), and seriously smart 
> operators who can fire up the disk-drive on a different machine and 
> extract whatever they want from it.

Yes. Windows since NT3.1 (1996?) has supported this kind of separation.
Windows XP makes it reasonably convenient to do this - even allowing
different user sessions to be established simultaneously and switched
between without logging out. Not everything is private between these
sessions though - e.g. network connections. The aim is to provide the
feature set you seek - a single computer shared by users in a home
environment who access it alternately, not simultaneously.

I'm not sure if the default mode makes user files inaccessible to other
unprivileged users - but you can turn that on if you want. You can also
enable personal data encryption on a per file or folder basis. Heaven help
you if you use a locally generated key and then lose it (say in a crash).

Chris
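
One way to check the point left open above (whether other unprivileged users can read a profile folder), given as an added example that is not part of the original message. It assumes a Windows system with PowerShell and an elevated prompt; the function name Get-BroadProfileAccess is hypothetical.

```powershell
# Added example, not from the original post. Reports allow-entries on each
# local profile folder that let a broad, unprivileged group read it.
# Assumption: run elevated so every profile's ACL can be read.

# Well-known SIDs of groups that contain ordinary local users.
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}
# ReadData is the same bit as ListDirectory, so it covers folders too.
$readMask = [System.Security.AccessControl.FileSystemRights]::ReadData

function Get-BroadProfileAccess {
    param(
        [string]$ProfileListKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
    )
    foreach ($entry in Get-ChildItem -Path $ProfileListKey) {
        # Skip service/system profiles; user account SIDs start with S-1-5-21-
        if ($entry.PSChildName -notlike 'S-1-5-21-*') { continue }
        $path = (Get-ItemProperty -Path $entry.PSPath).ProfileImagePath
        if (-not $path -or -not (Test-Path -LiteralPath $path)) { continue }

        foreach ($ace in (Get-Acl -LiteralPath $path).Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            try {
                # Compare by SID so localized group names do not matter.
                $sid = $ace.IdentityReference.Translate(
                    [System.Security.Principal.SecurityIdentifier]).Value
            } catch { continue }   # orphaned or unresolvable account
            # Note: ACEs expressed only as generic rights are not decoded here.
            if ($broadSids.ContainsKey($sid) -and ($ace.FileSystemRights -band $readMask)) {
                [pscustomobject]@{
                    Profile   = $path
                    Principal = $broadSids[$sid]
                    Rights    = $ace.FileSystemRights
                    Inherited = $ace.IsInherited
                }
            }
        }
    }
}

Get-BroadProfileAccess | Format-Table -AutoSize
```

An empty result means none of the three listed groups holds an allow-entry with read access on any profile root; it says nothing about files stored outside the profile folders.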



