Bug 33710
| Summary: | GDM with XDMCP on and changes to /dev/console owner | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Steve Bonneville <sbonnevi> |
| Component: | gdm | Assignee: | Havoc Pennington <hp> |
| Status: | CLOSED RAWHIDE | QA Contact: | Aaron Brown <abrown> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.1 | CC: | nalin |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2001-07-20 16:11:24 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Nalin says this should be fixed in usermode errata. However, I've also removed the GiveConsole/TakeConsole scripts from the gdm package; they should not be necessary. This is in gdm-2.2.3.1-9. |
From Bugzilla Helper: User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.4.2-0.1.19 i686) A misconfiguration in /etc/X11/gdm will cause users logging in remotely via a gdm-managed XDMCP session to be given ownership of /dev/console improperly. Reproducible: Always Steps to Reproduce: 1. On machine "victim", in /etc/X11/gdm/gdm.conf set "Enable=1" in the [xdmcp] section. Restart gdm. 2. On machine "victim", log in through gdm as a normal user ("alice"). 3. While logged in on a remote machine, `Xnest -query victim :1`. 4. In the Xnest session, log in through gdm to the "victim" machine as a different user ("bob"). Actual Results: The second user ("bob") gets ownership of /dev/console, even though he's not logging in locally. Expected Results: The first (local) user ("alice") should have retained ownership of /dev/console. This works properly when xdm has XDMCP turned on and is used instead. By default, XDMCP is turned off in gdm, so most users will not be affected by this bug. However, it also applies to 7.0 (at least). FIX to match xdm (and kdm?) behavior: /etc/X11/gdm/PreSession/Default should be moved to /etc/X11/gdm/PreSession/:0 /etc/X11/gdm/PostSession/Default should be moved to /etc/X11/gdm/PostSession/:0 (/etc/X11/gdm/Init/Default is correct.)