Bug#253007: kdm: AutoLogin bypasses some necessary authorisation and stuff!
Package: kdm
Severity: normal
i just ran fireflier-client-kde and rather than having the
username of the AutoLogin user, it has root instead (because
ff-c uses unistd.h's getlogin() function which returns the
name of the logged in user)
also, i am running SE/Linux and i have had to use a patched
version which doesn't rely on pam_selinux being in /etc/pam.d/kde.
AutoLogin is basically quite broken.
it would appear that the logged in user is still effectively root.
if i wasn't running SE/Linux this would be incredibly bad.
l.
-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux highfield 2.6.6-selinux1 #5 Tue May 18 16:33:29 GMT 2004 i686
Locale: LANG=C, LC_CTYPE=C
Reply to: