Bug#259173: gdm: SecureSystemMenu is either too secure or too insecure
Michael Piefel
Michael Piefel <piefel@debian.org>, 259173@bugs.debian.org
Tue, 13 Jul 2004 11:39:21 +0200
Package: gdm
Version: 2.6.0.3-1
Severity: important
Tags: security
gdm has a System Menu which offers options such as "Shut down the
computer" and "Edit gdm options". Using gdm.conf's SecureSystemMenu
setting, this menu either requests the root password or it doesn't.
This leads to the unfortunate situation where either:
- Any user has to enter the root password to shut down the computer.
IOW, they cannot, because I won't give them the password. They can cut
the power, but that isn't good.
- Any user can change all of gdm's settings, including auto-login for a
certain user and such. This opens a wide security hole.
At home (older gdm version) the settings menu requires a password,
shutting down doesn't. That's the way it should be. If shutting down has
to be protected by a password, this has to be a separate option.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.5-1-k7
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8
Versions of packages gdm depends on:
ii adduser 3.57 Add and remove users and groups
ii debconf 1.4.29 Debian configuration management sy
ii dpkg 1.10.22 Package maintenance system for Deb
ii gksu 1.2.0-2 graphical frontend to su
ii gnome-session 2.6.2-3 The GNOME 2 Session Manager
ii gnome-terminal [x-termina 2.6.1-4 The GNOME 2 terminal emulator appl
ii libart-2.0-2 2.3.16-5 Library of functions for 2D graphi
ii libatk1.0-0 1.6.1-2 The ATK accessibility toolkit
ii libattr1 2.4.16-1 Extended attribute shared library
ii libbonobo2-0 2.6.2-4 Bonobo CORBA interfaces library
ii libbonoboui2-0 2.6.1-1 The Bonobo UI library
ii libc6 2.3.2.ds1-13 GNU C Library: Shared libraries an
ii libgconf2-4 2.6.2-1 GNOME configuration database syste
ii libglade2-0 1:2.4.0-1 Library to load .glade files at ru
ii libglib2.0-0 2.4.2-1 The GLib library of C routines
ii libgnome2-0 2.6.1-8 The GNOME 2 library - runtime file
ii libgnomecanvas2-0 2.6.1.1-2 A powerful object-oriented display
ii libgnomeui-0 2.6.1.1-3 The GNOME 2 libraries (User Interf
ii libgnomevfs2-0 2.6.1.1-4 The GNOME virtual file-system libr
ii libgtk2.0-0 2.4.3-3 The GTK+ graphical user interface
ii libice6 4.3.0.dfsg.1-6 Inter-Client Exchange library
ii liborbit2 1:2.10.2-1.1 libraries for ORBit2 - a CORBA ORB
ii libpam-modules 0.76-22 Pluggable Authentication Modules f
ii libpam-runtime 0.76-22 Runtime support for the PAM librar
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libpango1.0-0 1.4.0-4 Layout and rendering of internatio
ii libpopt0 1.7-4 lib for parsing cmdline parameters
ii librsvg2-2 2.7.2-2 SAX-based renderer library for SVG
ii libselinux1 1.14-1 SELinux shared libraries
ii libsm6 4.3.0.dfsg.1-6 X Window System Session Management
ii libwrap0 7.6.dbs-4 Wietse Venema's TCP wrappers libra
ii libx11-6 4.3.0.dfsg.1-6 X Window System protocol client li
ii libxext6 4.3.0.dfsg.1-6 X Window System miscellaneous exte
ii libxml2 2.6.10-3 GNOME XML library
ii metacity [x-window-manage 1:2.8.1-3 A lightweight GTK2 based Window Ma
ii rxvt [x-terminal-emulator 1:2.6.4-6 VT102 terminal emulator for the X
ii twm [x-window-manager] 4.3.0.dfsg.1-6 Tab window manager
ii xbase-clients 4.3.0.dfsg.1-6 miscellaneous X clients
ii xlibs 4.3.0.dfsg.1-6 X Window System client libraries m
ii xterm [x-terminal-emulato 4.3.0.dfsg.1-6 X terminal emulator
ii zlib1g 1:1.2.1.1-3 compression library - runtime
-- debconf information:
gdm/daemon_name: /usr/bin/gdm
shared/default-x-display-manager: gdm