ANNOUNCE: GDM, the "George deserves a spanking!" release


Ahh, I thought it would never happen.  But now it did, now I am one of the
cool kids.  I feel like singing.  Yes you guessed right, there was a security
hole in gdm.  OK what's affected, all versions 2.2.x (and probably most 2.0.9x
as well) local displays only.  The problem is that gdm forgot to make up a new
cookie before it reset the X server.  Fortunately it has been in the past
overzelaous and killed the slave process most of the time on logout which also
ran a completely new X server with completely new cookies.  However sometimes
it did actually just reinit making it possible for one user to gain access
to the X server of the user who logs in next.  Not really a problem for home
users as there is no network problem.  However public access terminals or
places where you don't trust other people on the local console should upgrade.

Well, you should upgrade anyway, cuz 2.2.2 had a bunch of pretty serious bugs
which for example could have prevented people from logging in.  Also new in
this release is an actual working XDMCP, now remote xdmcp has been working in
2.2.0, but was broken in 2.2.1 and 2.2.2.  Now in both local and
remote XDMCP work properly.

A note on this release is that the "ja" and "zh_TW.Big5" translations aren't
included because the files on CVS are b0rk and have some illegal characters
and such other things.  I hope to fix this before next release.

And now for the standard part of the release announcement:

Ahh, so you have no clue what gdm is?  Well if you've read this far ... let's
not get into that.  Gdm is GNOME Display Manager, the little daemon that lets
you log in to your computer.  It allows xdmcp multiple login displays,
selection of languages, multiple login sessions and generally is much cooler
then any xdm clone out there, mostly cuz it isn't an xdm clone to begin with.
I mean heck, it's even got a graphical configurator, so you don't have to use
the command line to hose your system anymore.


Note the elongating version number.  I think next release will be,
since that sounds cool.  Note that translators didn't get enough notice
to do their proper updates because of the security aspect of the release,
it will be better with the next release.

Highlights of

- SECURITY FIX!  Rebake cookies before reinitializing the local X server.
  Only local X servers are affected, this bug allowed an attacker to log in,
  save his cookie, which would then be used for the user who logs in next.

- Fix a race preventing users to log in sometimes

- Ability to turn of failsafe and chooser sessions (Havoc)

- Fix mit cookie usage to not clobber cookies containing zeros

- Fix remote XDMCP authentication

- Pinging for XDMCP sessions to detect if they're dead

- Saving current gnome session is done from gdm (gnome-core HEAD no longer
  saves it)

- Don't change utmp from Pre/Post session scripts

- PAM related fixes

- Better handeling of X failiures

- Nicer iconify button

- gdmphotosetup permissions fixes

- Always add POSIX/C locale setting to language menu

- Nicer minimize button

- Ignore .rpmorig files

- Other fixes

- Translations (Stanislav Visnovsky, Kjartan Maraas, me)

Note:  Gdm2 was originally written by Martin K. Petersen <mkp mkp net>, and
is now maintained by the Queen of England.  Although when she's not answering
her email, me or Lee Mellabone usually cover for her.

Note2:  If installing from the tarball do note that make install now
overwrites most of the setup files, all except gdm.conf and gnomerc.  It will
however save backups with the .orig extention first.

Note3:  Distributors, packagers.  Please, PLEASE use the standard Gnome script
when setting things up as gnome, or at least equivalently working scripts.  It
should never be OK to just exec gnome-session, that is considered bad form.
The script needs to read (if available) the ~/.gnomerc and otherwise read
the <sysconfdir>/gdm/gnomerc file.  This allows users and administrators to
setup custom startup for gnome.  Another thing is that if your distro
doesn't have gnome-core you should probably disable the Gnome Chooser
stuff until that happens (you should update gnome-core anyway).  Third thing is
make sure to set up the X servers to run on the correct virtual terminals if
you start the gdm process before the other login thingies.  See the end of the
gdm.conf sample file.


To download the beast, go to:

(Note: I've also made an Alpha/Linux rpm, which is available at the 5z site)

Have fun,


PS:  I'm too tired to add a funny "PS".  I've spent the last around 10 hours
inside xdm sources, X/unix documentation and gdm xdmcp and authentication
stuff.  That's enough to kill an elephant

George <jirka 5z com>
   I thoroughly disapprove of duels.  If a man should challenge
   me, I would take him kindly and forgivingly by the hand and
   lead him to a quiet place and kill him.
                       -- Mark Twain

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]