Bug#434227: marked as done (kdm: autologin: auto-lock fails when switching terminals)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Sat, 29 Dec 2007 20:03:30 -0500
with message-id <9f694b820712291703r3b27ecbbh8b45afec1321e5de@mail.gmail.com>
and subject line Closing Debian bug 434227
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: kdm: autologin: auto-lock fails when switching terminals
• From: Rogier <rogierg@12move.nl>
• Date: Sun, 22 Jul 2007 15:33:51 +0200
• Message-id: <20070722133351.4709.73814.reportbug@lambik.rjg>

Package: kdm
Version: 4:3.5.7-1
Severity: grave
Tags: security
Justification: user security hole


When using KDM with AutoLoginEnable=true and AutoLoginLocked=true,
and using a KDE session, the session lock can be avoided by switching
virtual consoles before the autologin starts (e.g.  while the X
server is still starting up, or during the AutoLoginDelay).

Regards,

Rogier.


-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-3-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages kdm depends on:
ii  debconf [debconf-2.0]   1.5.13           Debian configuration management sy
ii  kdebase-bin             4:3.5.7-1        core binaries for the KDE base mod
ii  kdebase-data            4:3.5.7-1        shared data files for the KDE base
ii  kdelibs4c2a             4:3.5.7.dfsg.1-1 core libraries and binaries for al
ii  libc6                   2.5-9+b1         GNU C Library: Shared libraries
ii  libgcc1                 1:4.2-20070627-1 GCC support library
ii  libpam-runtime          0.79-4           Runtime support for the PAM librar
ii  libpam0g                0.79-4           Pluggable Authentication Modules l
ii  libqt3-mt               3:3.3.7-5        Qt GUI Library (Threaded runtime v
ii  libstdc++6              4.2-20070627-1   The GNU Standard C++ Library v3
ii  libx11-6                2:1.0.3-7        X11 client-side library
ii  libxau6                 1:1.0.3-2        X11 authorisation library
ii  libxdmcp6               1:1.0.2-2        X11 Display Manager Control Protoc
ii  libxtst6                1:1.0.2-1        X11 Testing -- Resource extension 
ii  xbase-clients           1:7.2.ds2-2      miscellaneous X clients

Versions of packages kdm recommends:
ii  logrotate                     3.7.1-3    Log rotation utility

-- debconf information:
  kdm/stop_running_server_with_children: false
* shared/default-x-display-manager: kdm
  kdm/daemon_name: /usr/bin/kdm

--- End Message ---

--- Begin Message ---

• To: 434227-done@bugs.debian.org
• Subject: Closing Debian bug 434227
• From: "Olivier Vitrat" <ovit.debian@gmail.com>
• Date: Sat, 29 Dec 2007 20:03:30 -0500
• Message-id: <9f694b820712291703r3b27ecbbh8b45afec1321e5de@mail.gmail.com>

Hi,
This bug has been fixed (see the related KDE bug report at
http://bugs.kde.org/show_bug.cgi?id=125318)
Closing the Debian report.
Thanks,
Olivier

--- End Message ---