Re: New module proposal: LightDM



Hi,

On Tuesday, 17 May 2011, at 11:56 -0500, Brian Cameron wrote:
> GDM provides some really neat GNOME integration.  However, much of this
> integration is available because it uses much of the GNOME
> infrastructure (gnome-settings-daemon, metacity, gnome-session, etc.).
> This makes the job of reviewing or auditing GDM quite complicated since
> it is necessary to review not only the GDM code, but all the
> infrastructure code that GDM uses.  With GDM, it is obviously harder to
> keep track that changes in the GNOME infrastructure will not negatively
> impact the security of the display manager.  It becomes more important
> to ensure that developers of infrastructure like g-s-d are aware of how
> their code is used in the GDM context, and that they write good, secure
> code.

I'm obviously no security expert, but doesn't the fact that the greeter
runs as the gdm user and not root mean that the audit on the daemon side
is enough (since the daemon should clearly validate everything that
comes via dbus from the greeter -- there can be other greeters, after
all)?

Of course, you can get issues that will break the gdm greeter, but then
those will also most likely break the user session anyway.

Vincent

-- 
Happy people are in no hurry.

