Re: gdm 2.4.0.7

From: "Martin K. Petersen" <mkp mkp net>
To: Michael Houle <mike admin atco ca>
Cc: gdm sunsite dk
Subject: Re: gdm 2.4.0.7
Date: 03 Feb 2003 12:49:38 -0500

>>>>> "Michael" == Michael Houle <mike admin atco ca> writes:

Michael> After tcpdumping, I realized that the eXceed client was
Michael> getting the error: "Maximum number of sessions from your
Michael> host".

Michael> - Can I recommend that gdm be written to record individual
Michael> sessions in a file/files in /var/gdm ? i.e. If this problem
Michael> happens, it would be nice to be able to 'rm' the users
Michael> session.

This has nothing to do with user sessions.

Due to the way the XDMCP protocol is designed, it is trivial to do a
Denial of Service attack against an XDM daemon (You can write a small
trivial program to cause the xdm daemon to use up all available memory
on a system).

So when I implemented XDMCP in GDM, I added a few hacks to prevent
against attacks like that.

Depending on your gdm.conf (look at the [xdmcp] section), the daemon
will only allow one connection per remote IP.  And it requires that IP
to finish the handshaking within a certain period of time.

It seems that for some reason the remote display don't get removed
from the active list when the users log out.

I don't know if George has changed any of this code recently.  But as
a quick workaround you could try bumping DisplaysPerHost to 2.

-- 
Martin K. Petersen	Wild Open Source, Inc.
mkp wildopensource com	http://www.wildopensource.com/

Follow-Ups:
- Re: gdm 2.4.0.7
  - From: George

References:
- gdm 2.4.0.7
  - From: Michael Houle

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]