Subject: pkg/17184: gdm package Browser option does not work correctly on NetBSD
To: None <gnats-bugs@gnats.netbsd.org>
From: None <cliff@snipe444.org>
List: netbsd-bugs
Date: 06/06/2002 18:08:18
>Number:         17184
>Category:       pkg
>Synopsis:       gdm package Browser option does not work correctly on NetBSD
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jun 06 18:09:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Cliff Wright
>Release:        1.5.2
>Organization:
>Environment:
NetBSD e270644 1.5.2 NetBSD 1.5.2 (e270644) #0: Tue Jun  4 17:53:18 PDT 2002
root@e270644:/usr/src/sys/arch/i386/compile/e270644 i386
>Description:
The gdm package Browser option works correctly under Linux, but
not under NetBSD. I suspect this is due to a security bug in Linux.
Anyway, I have been using the below patch for some time, so thought
I would turn it in as a possible local patch for the gdm package.

>How-To-Repeat:
In the file /usr/X11R6/etc/gdm/gdm.conf set
Browser=true
and change PidFile from xdm.pid to
PidFile=/var/run/gdm.pid (really another bug)
>Fix:
I used the following patch in /usr/pkgsrc/x11/gdm/work/gdm-2.2.0/gui

--- gdmlogin.c.orig     Sun Mar 11 20:24:07 2001
+++ gdmlogin.c  Thu Jun  6 17:48:32 2002
@@ -1971,11 +1971,17 @@
        const char * const lockout_passes[] = { "*", "!!", NULL };
        gint i;

+       /* pw_passwd is set to "*" by NetBSD
+        * because this is a non-root process, however Linux allows
+        * this to be set to the real string.
+        * That is probably a security bug in Linux. cliff */
+#ifdef linux
        for (i=0 ; lockout_passes[i] != NULL ; i++)  {
                if (strcmp (lockout_passes[i], pwent->pw_passwd) == 0) {
                        return TRUE;
                }
        }
+#endif

        if (GdmExclude != NULL &&
            GdmExclude[0] != '\0') {
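
Review bot: the #ifdef linux around the lockout_passes loop compiles the locked-account check out on every non-Linux build, so on NetBSD an account whose pw_passwd is "*" or "!!" is no longer filtered here and only the GdmExclude test that follows remains. The new comment says the "*" appears because the greeter is a non-root process, so the condition being worked around is "the real password field is not visible", not "the OS is not Linux"; a check for that condition (or a configure-time test) would keep the lockout filter wherever the field is readable. If an OS test is kept, __linux__ is the spelling that is defined regardless of compiler mode, and the declarations of lockout_passes and i above the #ifdef should move inside it so they are not left unused on other platforms. The remark that Linux behaviour "is probably a security bug" is speculation and is better left in the PR text than in the source comment.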
>Release-Note:
>Audit-Trail:
>Unformatted: