Re: Ubuntu 11.10 now unsecure by default

[Dave <mrx () propergander org uk>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 16/11/2011 19:23, Olivier wrote:
> Hi list,
>
> Backdoors in ubuntu are now called features :
>
> https://answers.launchpad.net/ubuntu/+source/lightdm/+question/175756
>
> Unfortunately remote SSH connection are not allowed, I suggest guest account to be silently add in /etc/shadow for 
> 12.04. It could be the 
> best Ubuntu April fool ever.
>
> Maybe calibre could also be installed by default, for a root shell out of the box.


Hi,

What is the password for this guest account?
Is the password random generated?

Is remote access of any kind enabled by default for this guest account?

In what way is the guest account different from any of the half dozen or so other accounts(with the obvious exception 
of access rights)
created during a default Ubuntu install?

How insecure is it really?

I am not an Ubuntu expert so these are genuine questions, I am far to busy to research this at this time so I ask these 
questions in the hope
than an Ubuntu Guru comes forth and either allays all my/your/our fears(if they exist) or scares me/us into action.

regards
Dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBTsU2ObIvn8UFHWSmAQIejggApAFANEVXN7ShqSPN8397EoYZaIOqF7W3
UxGdf1pKq6BxvFUmpmzQEy+ocwyBy/GqCupGFfqcTIRFYLg6uXlXRxNHoZB6eNqw
cpiOi1f2x08GAs7QIy+L7St/I6BUoUi7hx7WXMFJUVu/mp297IiJjLT7Tp489v3X
nv99DTWwkRx9DpYxf1MUruQKhR85aoWylDyPVUzwSRDiqMS4hQMDbQqBM0kzK89L
UmqVYgO+4zWuSKAqY5oBBy0fBPgOHGLvrpNxvfgAYAIMAGD6pAt/nQxAS0s8Rukc
rrJw3HRtXIPlq1tsWGZ2gdt8oaakk4sAvYXq8D2kH7aOeZflF2DrNg==
=vNit
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/