Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.4: A FileVault/wake from sleep password issue' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: A FileVault/wake from sleep password issue
Authored by: BMarsh on Jul 10, '06 08:21:15AM

While it may not be what this user expected... this is exactly the behaviour I would expect. (not everyone should have admin access, only those trusted, most accounts can be non-admin, and won't even notice the difference, admins can also force password changes on other accounts, although this wouldn't likely give access to the filevault data))

the workaround:
if they want more "security" they need to logout rather then have screensaver activate (there are ways to force this)

now the explanation:
when the user logs in, the password allows the decryption of the filevault. Sleep or Activation of the screen saver has the user remain in the currently logged in user (with all currently running programs etc...) so the user filevault which is really a disk image) is already opened. the filevault remains "open" until the user logs out (either through logout command, restart or shutdown)

why would apple allow other admins to unlock the screensaver?
to allow a machine to be unlocked, then have programs gracefully quit (necessary files saved etc...), before a logout, restart or shutdown of the system. Examples I can think of, students or workers forgetting to properly logout before leaving after a class or shift.



[ Reply to This | # ]