Provide a guest session account by default

Registered by Jonathan Carter

It is very common to lend someone else a laptop for a quick email check, or having one's computer play music and be a surf station on a party.

Instead of requiring people to create guest accounts with widely known or empty passwords, Ubuntu should set up a locked down guest account with a temporary home directory by default, where an existing user must authenticate the start of a guest session. This avoids passwordless accounts, which are a security threat.

Blueprint information

Status:
Complete
Approver:
Scott James Remnant (Canonical)
Priority:
High
Drafter:
Martin Pitt
Direction:
Needs approval
Assignee:
Martin Pitt
Definition:
Approved
Series goal:
Accepted for intrepid
Implementation:
Implemented
Milestone target:
None
Started by
Martin Pitt
Completed by
Martin Pitt

Related branches

Sprints

Whiteboard

Done:
 - gdm patch
 - gdm-guest-session package (temporary user and home dir)
 - AppArmor rules
 - deny at access ("guest" already happens to be in default at.deny)
 - deny cron access (by AppArmor rules, denying to write into /var/spool/cron)
 - suppression on live system
 - network access restricted to TCP and UDP.
 - package promoted to main and seeded, ubuntu-meta rebuilt
 - fusa integration
 - test case/release note in spec

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.