It was reported that it's possible to login as "sddm" user without authentication:
This is since if sddm detects that user in the PamBackend,
if (user == "sddm")
service = "sddm-greeter";
else if (m_app->session()->path().isEmpty())
service = "sddm-check";
else if (m_autologin)
service = "sddm-autologin";
result = m_pam->start(service, user);
and the sddm-greeter PAM config basically just has a pam_permit.
More info is available at . Upstream patch is at .
Created sddm tracking bugs for this issue:
Affects: fedora-all [bug 1149628]
sddm-0.9.0-2.20141007git6a28c29b.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
sddm-0.9.0-2.20141007git6a28c29b.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.