Comment 2 for bug 1502918

I can confirm that you can access a browser with this method from the network and power indicators.

It looks like the greeter user has full read access to other users' files. This means that (for example) I can go look at other users' pictures from the lock screen. That's a huge privacy flaw.

In addition to removing the ability to get to a browser in this way, we probably need to look into sandboxing the greeter user much better. Make sure it can't read other users' files, make sure it can't launch any unnecessary apps, etc.