Bug 449728 - gdm greeter should be configurable to not display list of valid user accounts
Summary: gdm greeter should be configurable to not display list of valid user accounts
Alias: None
Product: Fedora
Classification: Fedora
Component: gdm   
(Show other bugs)
Version: 9
Hardware: All Linux
Target Milestone: ---
Assignee: jmccann
QA Contact: Fedora Extras Quality Assurance
: 475071 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2008-06-03 07:37 UTC by Red Crayon
Modified: 2015-01-14 23:21 UTC (History)
17 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-07-14 15:32:22 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Red Crayon 2008-06-03 07:37:00 UTC
Description of problem:

The new GDM greeter *sucks*

Yeah, yeah, this is not a bug.  Whatever.  It sucks.
And. Needs. To. Be. Fixed. Before. People. Start. 
Using. Other. Distros.

And it's a security risk to have all the login accounts
displayed.  The names of the accounts on my computer are 
my business, only.  When the TSA guys ask me to boot my 
machine, they should see: "USERNAME: ", and *NOT* a list
of users.

Version-Release number of selected component (if applicable):

How reproducible:


Steps to Reproduce:
1. Turn on computer.
2. Sucks instantly.
Actual results:


Expected results:

USERNAME: ___________

Additional info:

Comment 1 Michael H. Warfield 2008-06-08 19:59:22 UTC
No...  This is a bug.  It really is a security vulnerabilty.  And a moderately
serious one.  It's an unauthorized information disclosure vulnerability.  This
exposes the list of all valid accounts to any unauthenticated and unauthorized
persons who can view the screen.  Anyone who disabled this misfeature in past
versions of Fedora will be rudely surprised that they just blew away their
security precautions by upgrading to F9.  This may not even be allowed in some
corporate environments where this would violate corporate security policy.

Comment 2 Michael H. Warfield 2008-06-08 20:05:01 UTC
Workaround...  Switch to kdm.

in /etc/sysconfig/desktop


Then restart X and "killall gdm-binary"

Comment 3 Andy Fitzsimon 2008-06-09 03:15:29 UTC
automatic login (no security) or manual entering of username / pass.

this hybrid approach does suck.  

having a huge scrolling list for all usernames in a tiny box really makes it
difficult to just login anyway, not to mention the by-default disclosure of
information like users on my systems.  (i'm lucky andy starts with A)

Whose idea was it?
where is the rationale?

I'm interested to know what could possibly validate this implementation other
than "other operating systems make this mistake too"

Comment 4 Tomas Hoger 2008-06-09 08:44:35 UTC
Is there any documentation for gdm-2.22?  Upstream page only has docs up to 2.20:


Setting Include= or MinimalUID= mentioned in the 2.20 docs does not seem to have
any effect.  gdmsetup seems to have been dropped as well (as briefly mentioned
in the NewGdm feature):


The Feature description above explains that new gdm attempts to provide smart
user list.  So is there a way to configure it in a good old non-smart way with
no user list?

Comment 5 Gabriel M. Elder 2008-06-11 14:21:36 UTC
See also bug # 433649 . The crux of these problems is the fact that the
functionality easily accessed via the gdmsetup gui is now completely gone. The
alpha-ness of this situation, in addition to a few other significant bugs that
I've stumbled across in this release, is unacceptable to me. Do we have an ETA
on this? Hopefully ASAP?

Comment 6 Tomas Hoger 2008-12-08 08:25:06 UTC
*** Bug 475071 has been marked as a duplicate of this bug. ***

Comment 7 Ian Collier 2008-12-08 11:18:04 UTC
Is this not a straight duplicate of bug 433649?  It is partially fixed in F10, in that there is a gconf key you can set to disable the user list (although still no configuration utility to make it easy to set).  The other bug says that this "might" appear in F9 at some point, but I don't think it has yet.

<opinion>Gconf sucks anyway.  Give me a configuration file I can edit any day.</opinion>

Comment 8 John Griffiths 2009-02-02 18:06:51 UTC
I could not get the gconf key to work.

I tried using gconf-editor and gconftool-2 to set the value for /apps/gdm/simple-greeter/disable_user_list. The schema says:

# gconftool-2 -g /schemas/apps/gdm/simple-greeter/disable_user_list
Type: bool
List Type: *invalid*
Car Type: *invalid*
Cdr Type: *invalid*
Default Value: false
Owner: gdm-simple-greeter
Short Desc: Do not show known users in the login window
Long Desc: Set to TRUE to disable showing known users in the login window.

So I set the value for /apps/gdm/simple-greeter/disable_user_list to true using gconf-editor. gconftool-2 shows that it is set to true.

# gconftool-2 -g /apps/gdm/simple-greeter/disable_user_list

I still get a user list.

Fedora 10 is great in some ways, but gconf and simple-greeter is alpha all the way.

Comment 9 Tim Kendall 2009-04-06 21:26:00 UTC
Workaround for greeter problem running Fedora 10 

gconftool-2 --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults  \\ --direct --type bool --set /apps/gdm/simple-greeter/disable_user_list true 

This does away with the execrable user list and also allows one to hide accounts.

Found on http://www.nabble.com/Fedora-10-login-screen-td21841705.html

By the way

# yum install gconf-editor; gconf-editor & \\ yields:

"Failed to contact configuration server; some possible causes are that you need to enable TCP/IP networking for ORBit, or you have stale NFS locks due to a system crash. See http://www.gnome.org/projects/gconf/ for information. (Details -  1: Failed to get connection to session: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.)"


"An error occurred while loading or saving configuration information for gconf-editor. Some of your configuration settings may not work properly."

followed by some half-working GUI.

Comment 10 Tim Kendall 2009-04-06 21:29:51 UTC
GnomeUI-WARNING **: While connecting to session manager:
None of the authentication protocols specified are supported.

Oh, and it said that in my xterm.

Comment 11 John Griffiths 2009-04-08 15:21:59 UTC
The workaround, as I understand it, is the proper way to configure things like the simple-greeter now. I had tried it but was missing the "--config-source xml:readwrite:/etc/gconf/gconf.xml.defaults" and wound up modifying root's personal configuration which does nothing to the simple-greeter.

BUT now the simple greeter displays "other" and no longer keeps the default desktop, if you have more than one configured, for the user. The user has to enter their user name, enter their password, go to the bottom of the screen and select the desktop that is wanted if other than the default, and then log in. 

It is safer that the users are not shown on the simple-greeter, but using "other" instead of the user name entered to select the desktop is inconvenient. I hope this will be fixed in a revision. If there is not a bug on this subject, I will file one.

Comment 12 Jack Deslippe 2009-04-27 21:29:02 UTC
I couldn't agree more.  The new GDM just plain sucks.  It is has been here for 3 releases now - and is still incomplete.  That grey login box is dead ugly, and you can't theme it.  It shows a list of users but not the icons next to them if you have nfs folders.  You can't get rid of the user list without going to gconf.  Since there is no configuration tool, you can't set autologin etc...  

Why on earth are we using this new version???  I echo the original posters statement: the new gdm sucks!

Comment 13 Bug Zapper 2009-06-10 01:22:11 UTC
This message is a reminder that Fedora 9 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 9.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '9'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 9's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 9 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 

Comment 14 Jón Fairbairn 2009-07-03 07:18:55 UTC
This is still present in Fedora 11, though it's now possible to find documentation <http://live.gnome.org/GDM/2.22/Configuration> via <http://fedoraproject.org/wiki/Features/NewGdm#Documentation>

Comment 15 Bug Zapper 2009-07-14 15:32:22 UTC
Fedora 9 changed to end-of-life (EOL) status on 2009-07-10. Fedora 9 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Comment 16 Christopher Beland 2010-02-23 07:38:30 UTC
From other reports, this appears to be successfully configurable now in Fedora 11, 12, and 13.

Comment 17 Jack Perdue 2010-02-23 08:02:07 UTC
Bah... successfully configurable... only if you Google to Comment 9 and come up with:

gconftool-2 --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --direct --type bool --set /apps/gdm/simple-greeter/disable_user_list true

Fedora 12... esle teh fail.

Comment 18 Chad Feller 2010-12-03 23:37:48 UTC
(In reply to comment #17)
> Fedora 12... esle teh fail.
This workaround works in RHEL6 too, as RHEL6 is based off of Fedora 12.


This ticket should be reopened under RHEL 6.  

Furthermore, since this is sort of a security/privacy issue, and RHEL6 is for the "enterprise", shouldn't this be fixed?

Note You need to log in before you can comment on or make changes to this bug.