Bug 666220
| Field | Value |
|---|---|
| Summary | The gdm greeter should be configurable so as not to display list of valid user accounts |
| Product | Red Hat Enterprise Linux 6 |
| Reporter | Alan Bartlett <ajb> |
| Component | gdm |
| Assignee | Ray Strode [halfline] <rstrode> |
| Status | CLOSED NOTABUG |
| QA Contact | Desktop QE <desktop-qa-list> |
| Severity | high |
| Priority | high |
| Version | 6.5 |
| CC | agunn, amyagi, bruno.travouillon, herrold, igeorgex, jcm, jkoten, pasteur, phil, rstrode, scottro11, snagar, syeghiay, tbowling, tlavigne, toracat, tpelka |
| Target Milestone | rc |
| Keywords | Reopened |
| Hardware | All |
| OS | Linux |
| Doc Type | Bug Fix |
| Last Closed | 2014-05-28 18:34:40 UTC |
| Bug Blocks | 960054, 1056252 |

Description
Alan Bartlett
2010-12-29 17:12:12 UTC
Not even Windows does this. (Though Apple does.) Windows will show the last user, but will not give a list of users on the machine. The reasons against it, in any kind of work environment, seem obvious to me. Typical situation, if the machine is used as workstation---John goes to Bob's machine, sees his login name and guesses that the password is Bob's wife's name.

You can turn off the user list via GConf configuration. See http://library.gnome.org/admin/gdm/stable/configuration.html.en for more details.

Re-opening. I'm sorry Ray but that Fedora-type response is not appropriate for RHEL. The correct, default, configuration is with that security defect disabled. If an end user requires it turned on, then they can do so. This is a security bug and it should be treated as such. The necessary correction should be made to the default configuration and a bug-fixed package released.

This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. If you would like it considered as an exception in the current release, please ask your support representative.

Since RHEL 6.2 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.

There is a problem with the proposed gconf configuration command that supposedly fixes the problem: it kills smart card login support. Increasingly, many secure environments are using smart cards to control access to their systems, and thus, this command is not a proper workaround to this problem. I am currently in the process of submitting a support ticket for this to be resolved, because this is very serious. Displaying all available user accounts on the system is a major security problem that is unacceptable for an enterprise class OS, such as RHEL. This is a major regression from RHEL 5 which did not present a user list, and also allowed for proper smart card login support. This problem should, at the very least, be addressed in RHEL 6.3 or 6.4.

Bumping this issue to ensure that it is not forgotten.

RHEL 6u4 Bumping this issue to ensure that it is not forgotten.

Smartcard login with disabled user list was fixed in gdm-2.30.4-38.el6. Related errata in rhel64 https://rhn.redhat.com/errata/RHBA-2013-0381.html

[snip]
* With this update, GDM has been modified to allow smartcard authentication when the visible user list is disabled. (BZ#719647)

We understand that displaying login user names can be undesirable in accordance with corporate security policies. Unfortunately, we cannot change the system installed default behaviour mid-stream. We can however, provide the following as a means to change the default behaviour for your environment:

This policy can be adjusted at machine-level via the /apps/gdm/simple-greeter/disable_user_list GConf configuration key. To make this change, run gconf-editor as root, navigate to /apps/gdm/simple-greeter, right click on the disable-user-list key and choose "Set as Default" from the context menu. Alternatively, the gconftool-2 command can be used to --load the updated policy from a suitable xml file:

```xml
<gconfentryfile>
  <entrylist base="/apps/gdm/simple-greeter">
    <entry>
      <key>disable_user_list</key>
      <schema_key>/schemas/apps/gdm/simple-greeter/disable_user_list</schema_key>
      <value>
        <bool>true</bool>
      </value>
    </entry>
  </entrylist>
</gconfentryfile>
```
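An added example, not part of the bug report or of gdm: a pre-deployment check that parses a gconfentryfile like the one in the last comment and confirms it sets `/apps/gdm/simple-greeter/disable_user_list` to `true` before the file is loaded. The function names and the three sample policies are constructed for illustration.

```python
import xml.etree.ElementTree as ET

KEY = "/apps/gdm/simple-greeter/disable_user_list"

def user_list_setting(xml_text):
    """Return the bool stored for KEY in a gconfentryfile, or None if absent."""
    setting = None
    for entrylist in ET.fromstring(xml_text).iter("entrylist"):
        base = entrylist.get("base", "").rstrip("/")
        for entry in entrylist.findall("entry"):
            # <key> is given relative to the entrylist's base attribute.
            key = (entry.findtext("key") or "").strip().lstrip("/")
            if base + "/" + key != KEY:
                continue
            value = entry.find("value/bool")
            if value is None:
                raise ValueError(KEY + " is present but its value is not a <bool>")
            # In this check a later duplicate entry overrides an earlier one.
            setting = (value.text or "").strip().lower() == "true"
    return setting

def audit(xml_text):
    """Classify a policy file as PASS or FAIL with the reason."""
    setting = user_list_setting(xml_text)
    if setting is None:
        return "FAIL: disable_user_list not set, greeter keeps its default"
    if not setting:
        return "FAIL: disable_user_list is false, account names are listed"
    return "PASS"

def policy(entries):
    """Wrap constructed <entry> elements in the file layout from the bug."""
    return ('<gconfentryfile><entrylist base="/apps/gdm/simple-greeter">'
            + entries + "</entrylist></gconfentryfile>")

# Constructed samples: the setting from the bug, the weak setting, and a
# file that never mentions the key (example_other_key is hypothetical).
HARDENED = policy("<entry><key>disable_user_list</key>"
                  "<value><bool>true</bool></value></entry>")
WEAK = policy("<entry><key>disable_user_list</key>"
              "<value><bool>false</bool></value></entry>")
MISSING = policy("<entry><key>example_other_key</key>"
                 "<value><bool>true</bool></value></entry>")

if __name__ == "__main__":
    for name, text in (("hardened", HARDENED), ("weak", WEAK), ("missing", MISSING)):
        print(name, "->", audit(text))
```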