Bug#415064: kdm theme functionally inferior to kdm's default theme
Philippe Cloutier wrote:
> Matthew McGuire a écrit :
>> Filipus Klutiero wrote:
>>> Package: desktop-base
>>> Version: 4.0.1
>>> Severity: wishlist
>>> desktop-base is installed by default and replaces kdm's default theme by
>>> a theme which doesn't allow selecting the user from a list. This reminds
>>> me a bit too much Sarge's gdm (as it is configured on my desktop, at
>> Hi Filipus,
>> Although we all appreciate the user selection interface I am not
>> convinced that we want it running 'by default' on all desktops.
> I am, definitely.
>> difficult thing here is that in some (possibly many) cases you do not
>> want your login screen to list the 'known' users. This alone presents a
>> basic security risk and could allow an intruder to use this list to
>> their advantage. For home users this poses no real problem, but for
>> networks this could be a very real problem for groups of people who
>> authenticate against the network. This is worse for medium to large size
>> businesses or schools that have a long list of users.
> Medium to large size businesses and schools will find it much easier to
> disable the list. I have no idea what significant security risk a list
> of users could create - please elaborate if you want.
>> So as a result it
>> is better to err on the side of caution and not provide the list by
> I strongly disagree.
Ok, maybe it's better not arguing the actual 'correctness' of either of
our personal points of view. Why not consider what can be done to
provide both options?
If we had a theme that provides the user list as you desire then it
could easily be an option you can enable using preseeding or even the
default if that is the general wish of the community.
Anyone here familiar enough with KDM and GDM theming who could help out?
PS: This would all be lenny timeline so as to avoid complicating the
present etch freeze.