Security problem ??
Werner Erselina
werner at erselina.nl
Sun Mar 26 18:07:10 UTC 2006
Is there anybody who could confirm this problem on his or her kubuntu box.
Cause i think it might be a serious security problem.
Op vrijdag 24 maart 2006 22:20, schreef Werner Erselina:
> Hi everybody,
>
> I noticed some strange behaviour on my upgraded from breezy to dapper box.
> I created a guest account with the name pap. I configured the behaviour for
> this user to autologin afther 5 seconds, and that this user could login
> without providing a password. However i noticed that all other user's can
> login without having to provide a password. The configuration for this user
> was done with kcontrol or systemsettings (Dont remember anymore). I dont
> know if this problem is related to kubuntu (dapper or breezy) or kde. For
> clarification i provided my kdmrc file:
>
> [General]
> ConfigVersion=2.3
> ConsoleTTYs=tty1,tty2,tty3,tty4,tty5,tty6
> PidFile=/var/run/kdm.pid
> ReserveServers=:1,:2,:3
> ServerVTs=-7
> StaticServers=:0
>
> [Shutdown]
> BootManager=None
> HaltCmd=/sbin/halt
> RebootCmd=/sbin/reboot
>
> [X-*-Core]
> AllowNullPasswd=false
> AllowRootLogin=false
> AllowShutdown=Root
> AutoReLogin=true
> ClientLogFile=.xsession-errors-%s
> Reset=/etc/kde3/kdm/Xreset
> Session=/etc/kde3/kdm/Xsession
> Setup=/etc/kde3/kdm/Xsetup
> Startup=/etc/kde3/kdm/Xstartup
>
> [X-*-Greeter]
> AntiAliasing=true
> ColorScheme=WindowsXP
> EchoMode=OneStar
> FaceSource=AdminOnly
> FailFont=helvetica,12,-1,5,75,0,0,0,0,0
> GUIStyle=Keramik
> GreetFont=DejaVu Sans,22,-1,5,50,0,0,0,0,0
> GreetString=Welcome to Kubuntu at %n
> GreeterPos=50,50
> HiddenUsers=
> Language=nl
> LogoArea=None
> LogoPixmap=
> MaxShowUID=29999
> MinShowUID=1000
> Preloader=/usr/bin/preloadkde
> SelectedUsers=
> ShowUsers=NotHidden
> SortUsers=true
> StdFont=DejaVu Sans,10,-1,5,50,0,0,0,0,0
> Theme=/usr/share/apps/kdm/themes/kubuntu
> UseBackground=true
> UseTheme=true
> UserCompletion=false
> UserList=true
>
> [X-:*-Core]
> AllowNullPasswd=true
> AllowShutdown=All
> NoPassEnable=true
> NoPassUsers=@pap
> ServerArgsLocal=-nolisten tcp
> ServerCmd=/usr/X11R6/bin/X
>
> [X-:*-Greeter]
> AllowClose=false
> DefaultUser=pap
> FocusPasswd=true
> LoginMode=DefaultLocal
> PreselectUser=Default
>
> [X-:0-Core]
> AutoLoginAgain=false
> AutoLoginDelay=5
> AutoLoginEnable=true
> AutoLoginLocked=false
> AutoLoginUser=pap
> ClientLogFile=.xsession-errors
>
> [Xdmcp]
> Enable=true
> Willing=/etc/kde3/kdm/Xwilling
>
> My question, could somebody replicate this problem?? So that i know if this
> is a problem for only my box or a bug.
>
> Greetings
More information about the kubuntu-users
mailing list