oss-sec mailing list archives
Re: gdm PostLogin script executes scripts as user gdm
From: Josh Bressers <bressers () redhat com>
Date: Tue, 22 Feb 2011 15:54:11 -0500 (EST)
----- Original Message -----
Hello oss-security, should we consider this as a vulnerability? https://bugzilla.gnome.org/show_bug.cgi?id=602403
I'm not sure this is a security flaw. It's not running user controlled
scripts (at least not by default). In order for it to run a user controlled
script, the admin would have to modify the Default script. Is this normal?
I'm not all that familiar with expected use of gdm, perhaps someone who
knows more can chime in?
Thanks.
--
JB
Current thread:
- gdm PostLogin script executes scripts as user gdm Thomas Biege (Feb 22)
- Re: gdm PostLogin script executes scripts as user gdm Josh Bressers (Feb 22)
- Re: gdm PostLogin script executes scripts as user gdm Thomas Biege (Feb 23)
- Re: gdm PostLogin script executes scripts as user gdm Josh Bressers (Feb 22)