I believe this bug affects security, given that it is a failure of Ubuntu to perform a
"Session Lock". E.g. this is from NIST Special Publication 800-53 (Rev. 4):
a. Prevents further access to the system by initiating a session lock
after [Assignment: organization-defined time period] of inactivity or
upon receiving a request from a user; and
b. Retains the session lock until the user reestablishes access using
established identification and authentication procedures.
The name has been changed from "Session Lock" to "Device Lock" in Rev 5
(draft, 2017), but it's still listed there for the sake of best practices.
I believe this bug affects security, given that it is a failure of Ubuntu to perform a
"Session Lock". E.g. this is from NIST Special Publication 800-53 (Rev. 4):
https:/ /nvd.nist. gov/800- 53/Rev4/ control/ AC-11
The information system:
a. Prevents further access to the system by initiating a session lock defined time period] of inactivity or
after [Assignment: organization-
upon receiving a request from a user; and
b. Retains the session lock until the user reestablishes access using
established identification and authentication procedures.
The name has been changed from "Session Lock" to "Device Lock" in Rev 5
(draft, 2017), but it's still listed there for the sake of best practices.