I am seeing the following message: Mar 11 04:20:29 dell kernel: audit(1079007629.554:0): avc: denied { read } for pid=2098 exe=/usr/bin/kdm name=mem dev=hda2 ino=2683359 scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:memory_device_t tclass=chr_file According to Russell Coker > That's a bug in kdm. It should use /dev/random instead. Reading arbitary > kernel memory as a source of random numbers is bogus anyway.
*** Bug 118123 has been marked as a duplicate of this bug. ***
I have looked at the code a bit. In order for this to work correctly, the kdm/backend/genauth.c file has to be compiled with DEV_RANDOM define set to "/dev/urandom". Configure creates kdm/backend/Imakefile that contains the following: #ifdef RandomDefines RANDOM_DEFINES = RandomDefines #elif defined(OpenBSDArchitecture) RANDOM_DEFINES = -DARC4_RANDOM #elif defined(LinuxArchitecture) RANDOM_DEFINES = -DDEV_RANDOM=\"/dev/urandom\" #elif defined(NetBSDArchitecture) && \ ((OSMajorVersion > 1) || \ (OSMajorVersion == 1 && OSMinorVersion > 3)) RANDOM_DEFINES = -DDEV_RANDOM=\"/dev/urandom\" #endif However, the -DDEV_RANDOM=\"/dev/urandom\" never makes it into the actual Makefile. P.S. A possible workaround is to add the "RandomDevice=/dev/urandom" line to the "General" section of the kdmrc. P.P.S. The same bug exists in xdm (not surprizingly - it appears that the code was borrowed from xdm originally) - see bug 120914. P.P.P.S. kdm complains "Cannot read randomFile "/dev/mem"; X cookies may be easily guessable" because of this, so I guess this makes it a security problem.
i have added a fix for using urandom instead mem. It's fixed in kdebase-3.2.2-3. Thanks for your report.