Bug 666220 - The gdm greeter should be configurable so as not to display list of valid user accounts
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: gdm
Version: 6.5
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: rc
Target Release: ---
Assignee: Ray Strode [halfline]
QA Contact: Desktop QE
URL:
Whiteboard:
Depends On:
Blocks: 960054 1056252
Reported: 2010-12-29 17:12 UTC by Alan Bartlett
Modified: 2018-11-29 19:24 UTC (History)
CC List: 17 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-05-28 18:34:40 UTC
Target Upstream Version:
Embargoed:



Description Alan Bartlett 2010-12-29 17:12:12 UTC
Description of problem: System configured with GUI. The gdm greeter displays a list of all valid user accounts. That is not acceptable for an Enterprise Class OS. It is a significant security lapse that should have been corrected before GA.


Version-Release number of selected component (if applicable): 2.30.4-21


How reproducible: 100%


Steps to Reproduce:
1. Configure a RHEL 6.0 system to run with a GUI
2. Examine the gdm greeter screen
3.
  
Actual results: gdm greeter screen displays a list of all valid user accounts


Expected results: gdm greeter screen should display "Login" and provide an input box for the user to type her|his login id.


Additional info: This bug (yes it is a bug -- a security bug) seems to have its origins in a Fedora "feature". 

(See https://bugzilla.redhat.com/show_bug.cgi?id=449728)

Comment 2 Scott Robbins 2010-12-29 17:47:08 UTC
Not even Windows does this.  (Though Apple does.)  Windows will show the last user, but will not give a list of users on the machine. 

The reasons against it, in any kind of work environment, seem obvious to me. 

Typical situation, if the machine is used as workstation---John goes to Bob's machine, sees his login name and guesses that the password is Bob's wife's name.

Comment 3 Ray Strode [halfline] 2011-01-18 22:57:28 UTC
You can turn off the user list via GConf configuration.

See http://library.gnome.org/admin/gdm/stable/configuration.html.en for more details.

Comment 4 Alan Bartlett 2011-01-18 23:50:52 UTC
Re-opening.

I'm sorry Ray but that Fedora-type response is not appropriate for RHEL.

The correct, default, configuration is with that security defect disabled. If an end user requires it turned on, then they can do so.

This is a security bug and it should be treated as such. The necessary correction should be made to the default configuration and a bug-fixed package released.

Comment 6 RHEL Program Management 2011-01-27 02:28:11 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unfortunately unable to
address this request at this time. Red Hat invites you to
ask your support representative to propose this request, if
appropriate and relevant, in the next release of Red Hat
Enterprise Linux. If you would like it considered as an
exception in the current release, please ask your support
representative.

Comment 7 Suzanne Logcher 2011-10-06 18:49:20 UTC
Since RHEL 6.2 External Beta has begun, and this bug remains
unresolved, it has been rejected as it is not proposed as
exception or blocker.
               
Red Hat invites you to ask your support representative to
propose this request, if appropriate and relevant, in the
next release of Red Hat Enterprise Linux.

Comment 8 Mike Grima 2011-12-28 12:58:25 UTC
There is a problem with the proposed gconf configuration command that supposedly fixes the problem: it kills smart card login support.

Increasingly, many secure environments are using smart cards to control access to their systems, and thus, this command is not a proper workaround to this problem.

I am currently in the process of submitting a support ticket for this to be resolved, because this is very serious.  Displaying all available user accounts on the system is a major security problem that is unacceptable for an enterprise class OS, such as RHEL.

This is a major regression from RHEL 5 which did not present a user list, and also allowed for proper smart card login support.

This problem should, at the very least, be addressed in RHEL 6.3 or 6.4.

Comment 9 Alan Bartlett 2012-10-18 15:04:59 UTC
Bumping this issue to ensure that it is not forgotten.

Comment 12 Alan Bartlett 2013-02-25 19:23:02 UTC
RHEL 6u4

Bumping this issue to ensure that it is not forgotten.

Comment 15 Jiri Koten 2013-05-15 14:04:27 UTC
Smartcard login with disabled user list was fixed in gdm-2.30.4-38.el6.

Related errata in rhel64 https://rhn.redhat.com/errata/RHBA-2013-0381.html
[snip]
* With this update, GDM has been modified to allow smartcard authentication when
the visible user list is disabled. (BZ#719647)

Comment 20 Siddharth Nagar 2014-05-28 18:34:40 UTC
We understand that displaying login user names can be undesirable in accordance with corporate security policies. Unfortunately, we cannot change the system installed default behaviour mid-stream. We can however, provide the following as a means to change the default behaviour for your environment:

This policy can be adjusted at machine-level via the /apps/gdm/simple-greeter/disable_user_list GConf configuration key.  To make this change, run gconf-editor as root, navigate to /apps/gdm/simple-greeter, right-click on the disable_user_list key and choose "Set as Default" from the context menu.

Alternatively, the gconftool-2 command can be used to --load the updated policy from a suitable xml file:

<gconfentryfile>
  <entrylist base="/apps/gdm/simple-greeter">
    <entry>
      <key>disable_user_list</key>
      <schema_key>/schemas/apps/gdm/simple-greeter/disable_user_list</schema_key>
      <value>
        <bool>true</bool>
      </value>
    </entry>
  </entrylist>
</gconfentryfile>
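As an added example (not code from the bug report or from gdm itself), the following POSIX shell script turns the gconftool-2 --load procedure from comment 20 into a repeatable change and guards against the regression described in comment 8 by first checking the installed gdm build against the fix named in comment 15. The function names, the temporary file path and the defaults config-source path are assumptions.

```shell
#!/bin/sh
# Added example (not from the bug report or from gdm): writes the GConf policy
# file from comment 20, loads it machine-wide, and first checks the installed gdm
# against the smartcard fix from comment 15, since earlier builds lost smartcard
# login once the user list was disabled. Names and paths below are assumptions.
GDM_SMARTCARD_FIX="2.30.4-38"   # gdm-2.30.4-38.el6 from comment 15, dist tag dropped

# Numeric field-by-field compare of "ver-rel" strings; succeeds when $1 >= $2.
ver_ge() {
    a=$(printf '%s' "$1" | sed 's/\.el[0-9].*$//; s/[.-]/ /g')
    b=$(printf '%s' "$2" | sed 's/\.el[0-9].*$//; s/[.-]/ /g')
    set -- $a
    for y in $b; do
        x=${1:-0}; [ $# -gt 0 ] && shift
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# Write the gconfentryfile from comment 20 to the path given in $1.
write_gdm_policy() {
    cat > "$1" <<'EOF'
<gconfentryfile>
  <entrylist base="/apps/gdm/simple-greeter">
    <entry>
      <key>disable_user_list</key>
      <schema_key>/schemas/apps/gdm/simple-greeter/disable_user_list</schema_key>
      <value><bool>true</bool></value>
    </entry>
  </entrylist>
</gconfentryfile>
EOF
}

# Load the policy into the machine-wide defaults source (run as root), then
# read the key back so the change can be audited.
apply_gdm_policy() {
    gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --load "$1"
    gconftool-2 --get /apps/gdm/simple-greeter/disable_user_list
}

# Usage: sh gdm-userlist.sh apply   (on the RHEL 6 host, as root)
case "${1:-}" in
    apply)
        ver=$(rpm -q --qf '%{VERSION}-%{RELEASE}' gdm)
        ver_ge "$ver" "$GDM_SMARTCARD_FIX" || echo "warning: gdm $ver predates the smartcard fix" >&2
        write_gdm_policy /tmp/gdm-disable-user-list.xml
        apply_gdm_policy /tmp/gdm-disable-user-list.xml ;;
esac
```

Without the `apply` argument the script only defines its functions, so the version check and the generated file can be exercised on any host before touching a RHEL 6 box.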

