Bug 33710 - GDM with XDMCP on and changes to /dev/console owner
GDM with XDMCP on and changes to /dev/console owner
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: gdm (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Havoc Pennington
Aaron Brown
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-03-28 18:11 EST by Steve Bonneville
Modified: 2007-04-18 12:32 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-07-20 12:11:24 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Steve Bonneville 2001-03-28 18:11:50 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.4.2-0.1.19 i686)


A misconfiguration in /etc/X11/gdm will cause users logging in remotely via
a gdm-managed XDMCP session to be given ownership of /dev/console
improperly.

Reproducible: Always
Steps to Reproduce:
1. On machine "victim", in /etc/X11/gdm/gdm.conf set "Enable=1" in the
[xdmcp] section.  Restart gdm.
2. On machine "victim", log in through gdm as a normal user ("alice").
3. While logged in on a remote machine, `Xnest -query victim :1`.
4. In the Xnest session, log in through gdm to the "victim" machine as a
different user ("bob").


Actual Results:  The second user ("bob") gets ownership of /dev/console,
even though he's not logging in locally.

Expected Results:  The first (local) user ("alice") should have retained
ownership of /dev/console.  This works properly when xdm has XDMCP turned
on and is used instead.

By default, XDMCP is turned off in gdm, so most users will not be
affected by this bug.  However, it also applies to 7.0 (at least).

FIX to match xdm (and kdm?) behavior:

/etc/X11/gdm/PreSession/Default should be moved to
  /etc/X11/gdm/PreSession/:0

/etc/X11/gdm/PostSession/Default should be moved to
  /etc/X11/gdm/PostSession/:0

(/etc/X11/gdm/Init/Default is correct.)
Comment 1 Havoc Pennington 2001-08-01 11:39:07 EDT
Nalin says this should be fixed in usermode errata. 

However, I've also removed the GiveConsole/TakeConsole scripts from the 
gdm package; they should not be necessary. This is in gdm-2.2.3.1-9.

Note You need to log in before you can comment on or make changes to this bug.