[12308] in bugtraq
Re: Problems with redhat 6 Xsession and pam.d/rlogin.
daemon@ATHENA.MIT.EDU (Ari Gordon-Schlosberg)
Thu Oct 21 15:33:53 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19991020185139.A19349@nebcorp.com>
Date: Wed, 20 Oct 1999 18:51:39 -0500
Reply-To: Ari Gordon-Schlosberg <regs@NEBCORP.COM>
From: Ari Gordon-Schlosberg <regs@NEBCORP.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <199910071956.aa58337@salmon.maths.tcd.ie>
[David Malone <dwmalone@MATHS.TCD.IE>]
> I've found two problems which seem to be present in RedHat 6.0 and RedHat 6.1.
> They're not earthshatteringly bad, but...
>
> 1) Xsession on RedHat will start kde, gnome or anotherlevel
> rather than running a user's .xsession file, if you choose
> one of these from kdm. This is bad if you have account
> which have a special shell and xsession which are supposed
> to only allow one use of the account.
>
> Maybe it would be sensible to check a user has a shell listed
> in /etc/shells before starting a kde, gnome or anoterlevel
> session for them.
This issue is fixed in RedHat 6.1, where gdm (the xdm replacement) will run
the user's .xsession rather than gnome or kde.
--
Ari there is no spoon
-------------------------------------------------------------------------
http://www.nebcorp.com/~regs/pgp for PGP public key
