Why idle users should be killed (was Re: Preventing Idle in telnet)

[Dan Bernstein]

In article <4133 at lib.tmc.edu> jmaynard at thesis1.hsch.utexas.edu (Jay Maynard) writes:
> This is primarily a security issue. The problem is that users will walk off
> and leave their terminals logged on, thus allowing someone else to walk up
> to the terminal and gain the security privileges of the original user. An
> auto-logoff is one way of fighting this problem with some chance that a
> problem will be prevented rather than punished. An auto-lock is a better
> solution, to me, but presupposes that a secure lock can be established.

Hey, folks, guess which program solves this problem too!

Rather than forcibly logging the tty out, disconnect it (by sending a
HUP to the pty signaller, for example). The user can log in any time
later and get back to exactly where he was in the session. Naturally,
this has the effect of an autolock: the user needs his password to log
in so that he can get back into the session. And it's not as drastic as
an autologout.

pty. It slices! It dices! It autodisconnects! :-)

---Dan