Subject: pkg/17184: gdm package Browser option does not work correctly on NetBSD
To: None <gnats-bugs@gnats.netbsd.org>
From: None <cliff@snipe444.org>
List: netbsd-bugs
Date: 06/06/2002 18:08:18
>Number: 17184
>Category: pkg
>Synopsis: gdm package Browser option does not work correctly on NetBSD
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Jun 06 18:09:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Cliff Wright
>Release: 1.5.2
>Organization:
>Environment:
NetBSD e270644 1.5.2 NetBSD 1.5.2 (e270644) #0: Tue Jun 4 17:53:18 PDT 2002
root@e270644:/usr/src/sys/arch/i386/compile/e270644 i386
>Description:
The gdm package Browser option works correctly under Linux, but
not under NetBSD. I suspect this is due to a security bug in Linux.
Any way I have been using the below patch for some time, so thought
I would turn it in as a possible local patch for the gdm package.
>How-To-Repeat:
In the file /usr/X11R6/etc/gdm/gdm.conf set
Browser=true
and change PidFile from xdm.pid to
PidFile=/var/run/gdm.pid (really another bug)
>Fix:
I used the following patch in /usr/pkgsrc/x11/gdm/work/gdm-2.2.0/gui
--- gdmlogin.c.orig Sun Mar 11 20:24:07 2001
+++ gdmlogin.c Thu Jun 6 17:48:32 2002
@@ -1971,11 +1971,17 @@
const char * const lockout_passes[] = { "*", "!!", NULL };
gint i;
+ /* pw_passwd is set to "*" by NetBSD
+ * because this is a non-root process, however Linux allows
+ * this to be set to the real string.
+ * That is probably a security bug in Linux. cliff */
+#ifdef linux
for (i=0 ; lockout_passes[i] != NULL ; i++) {
if (strcmp (lockout_passes[i], pwent->pw_passwd) == 0) {
return TRUE;
}
}
+#endif
if (GdmExclude != NULL &&
GdmExclude[0] != '\0') {
>Release-Note:
>Audit-Trail:
>Unformatted: