Bug#253007: kdm: AutoLogin bypasses some necessary authorisation and stuff!

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#253007: kdm: AutoLogin bypasses some necessary authorisation and stuff!
From: Luke Kenneth Casson Leighton <lkcl@lkcl.net>
Date: Sun, 06 Jun 2004 14:06:30 +0000
Message-id: <E1BWyIA-0003Ft-PZ@lkcl.net>
Reply-to: Luke Kenneth Casson Leighton <lkcl@lkcl.net>, 253007@bugs.debian.org

Package: kdm
Severity: normal


i just ran fireflier-client-kde and rather than having the
username of the AutoLogin user, it has root instead (because
ff-c uses unistd.h's getlogin() function which returns the
name of the logged in user)

also, i am running SE/Linux and i have had to use a patched
version which doesn't rely on pam_selinux being in /etc/pam.d/kde.

AutoLogin is basically quite broken.

it would appear that the logged in user is still effectively root.

if i wasn't running SE/Linux this would be incredibly bad.

l.

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux highfield 2.6.6-selinux1 #5 Tue May 18 16:33:29 GMT 2004 i686
Locale: LANG=C, LC_CTYPE=C

Reply to:

Prev by Date: kdenonbeta/kdedebian/kapture
Next by Date: kdenonbeta/kdedebian/kapture
Previous by thread: Bug#236926: KDE Bug 77498
Next by thread: Bug#252969: additional info
Index(es):
- Date
- Thread