It's hard to say at this point with just three reports and I wouldn't rule anything out, but it doesn't look like it would be a problem if "Guest" isn't enabled. In two of the threads at least, actually logging in to "Guest" at some point was involved before the bug's effects were seen.
I think I will immediately get rid of the guest account I set up. I didn't like the way it worked anyway, in that it reset to defaults. I had previously set up limited access guest accounts in Tiger and Panther and tweaked them to be the way I wanted them, with no access to Mail.app and a few other apps. That worked better than the Leopard guest account.
__________________ The price of apathy toward public affairs, is to be ruled by evil men. -- Plato.
I still haven't been able to reproduce the problem (not that I've been trying all that hard). But I have been playing around with the "Guest" account, and it looks like the presence of a single "locked" file or folder anywhere in the "home" folder is enough to prevent anything from the "Guest" account from being deleted. Things might be different in the case of this glitch, but perhaps locking something in all of the non-Guest accounts would serve as insurance to prevent them from being deleted in place of the "Guest" home folder.
I'm really not sure how that works - eg. in "Finder", nothing prevents you from trashing a folder containing a locked file, and things like 'rm -r' will delete everything around the locked item so how does a single locked item protect the whole Guest home folder?
As a side note, if you are ever using someone else's Guest account and you don't want your stuff to be deleted when you log out, just lock something, I guess...
Quote:
I had previously set up limited access guest accounts in Tiger and Panther and tweaked them to be the way I wanted them
I'm inclined to agree. While it is possible to tweak the "Guest" account itself to some extent, a regular "managed" account seems more sensible. I guess "Guest" might come in handy if you suddenly are faced with having to let someone use your computer, but otherwise I don't see much use for it.
I'm inclined to agree. While it is possible to tweak the "Guest" account itself to some extent, a regular "managed" account seems more sensible. I guess "Guest" might come in handy if you suddenly are faced with having to let someone use your computer, but otherwise I don't see much use for it.
I used my previous managed Guest account for exactly the situation that the Leopard Guest account was designed for, when someone needed to use my computer but I didn't want them to have access to any of my accounts. I also didn't want them to be able to access Mail.app since I figured that a visitor who might want to check their email on my computer would be using web mail anyway, that's what I do when I use other's computers.
I guess I'll set up a managed Guest account in Leopard.
__________________ The price of apathy toward public affairs, is to be ruled by evil men. -- Plato.
I don't know for sure if it's the same thing, but 10.5.5 might have addressed this issue and provide an explanation of what was happening:
Quote:
Originally Posted by http://support.apple.com/kb/HT3137
Login Window
CVE-ID: CVE-2008-3610
Available for: Mac OS X v10.5 through v10.5.4, Mac OS X Server v10.5 through v10.5.4
Impact: A user may log in without providing a password
Description: A race condition exists in Login Window. To trigger this issue, the system must have the Guest account enabled or another account with no password. In a small proportion of attempts, an attempt to log in to such an account will not complete. The user list would then be presented again, and the person would be able to log in as any user without providing a password. If the original account were the Guest account, the contents of the new account will be deleted on logout. This update addresses the issue by properly clearing Login Window state when the login does not complete. This issue does not affect systems prior to Mac OS X v10.5.
Linear Mode
