Comment 35 for bug 844081

> Consider this. They choose their login identity, at which point we show
> their desktop. That persists for as long as it takes them to type their
> password. Then we.... show their desktop.
>
> By definition, your wallpaper is exactly as public as your face. So
> think carefully what you tattoo on your face ;-)

Excuse me, but... Are you serious?

Your wallpaper today is only "public" in as much as people can look over your shoulder when you are logged in and working on your computer, but so is *anything* you are working with, and I haven't yet seen anyone use that as an argument to make e.g. your bookmarks and personal files accessible and highly visible to other users on the system. So why should the wallpaper be any different? Why should the wallpaper, exactly, be accessible to every other user of the system, whether you trust them or not? Shouldn't it be the user's own choice whether they want to share their private data with everyone else having an account on that computer?

I think the "you just shouldn't choose a wallpaper you don't want your parents/wife/kids/roomie to see" argument rings unpleasantly of Apple's "We know best how you should use your computer" attitude.
Yes, I know, you can just change permissions on the file - but you have to be most computer savvy than most to know that such a setting would carry over to the wallpaper (How do I, as a casual user, know it doesn't just make a copy and changes the permissions when I set an image as the wallpaper?). But really, it should be a fundamental pillar of the UI design that the user alone, no one else, decides who they'll share their personal data with.