oss-sec mailing list archives

LXDM X authentication issues


From: Tomas Hoger <thoger () redhat com>
Date: Fri, 20 Nov 2015 14:04:51 +0100

Hi!

LXDM before 0.5.2 did not start the X server with the -auth parameter.
Therefore any user able to connect to it (typically all local users)
would have their X connections accepted.  The issue was fixed via:

http://git.lxde.org/gitweb/?p=lxde/lxdm.git;a=commitdiff;h=e8f387089e241360bdc6955d3e479450722dcea3

LXDM also defaults to not restarting the X server between sessions, and
does not change authentication cookies or remove xhost authorizations.
This allows a local user to be able to connect to the X server after they
logged out.  The 'reset' option in lxdm.conf controls whether the X server
is restarted on session user close.

-- 
Tomas Hoger / Red Hat Product Security
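
A host check for the two conditions described in the message above, added here as an example and not part of the original post or of LXDM. It assumes that 'reset' is read from the [server] section of lxdm.conf and is enabled as reset=1; the function names and all sample inputs are constructed.

```sh
#!/bin/sh
# Added example (not from the original post). Sample inputs are constructed.
# Assumption: 'reset' is read from the [server] section and enabled as reset=1.

# Succeeds if an X server command line contains "-auth <file>".
x_has_auth() {
    set -f; set -- $1; set +f          # split the command line into words
    while [ $# -gt 0 ]; do
        if [ "$1" = "-auth" ] && [ -n "${2:-}" ]; then return 0; fi
        shift
    done
    return 1
}

# Succeeds if an uncommented reset=1 appears in [server] of the given lxdm.conf.
lxdm_reset_enabled() {
    awk '
        /^[ \t]*[#;]/ { next }                      # skip comment lines
        /^[ \t]*\[/   { sect = $0; sub(/^[ \t]*\[/, "", sect); sub(/\].*$/, "", sect); next }
        sect == "server" {
            n = index($0, "="); if (!n) next
            k = substr($0, 1, n - 1); v = substr($0, n + 1)
            gsub(/[ \t]/, "", k); gsub(/[ \t\r]/, "", v)
            if (k == "reset") val = v
        }
        END { exit !(val == "1") }
    ' "$1"
}

# Prints findings; return status is the number of findings (0 = clean).
audit_lxdm() {   # $1: X server command line, $2: path to lxdm.conf
    findings=0
    x_has_auth "$1" || { echo "FINDING: X server started without -auth"; findings=$((findings + 1)); }
    lxdm_reset_enabled "$2" || { echo "FINDING: reset not enabled, X server kept across sessions"; findings=$((findings + 1)); }
    return "$findings"
}

# Constructed demo: command line without -auth, config with reset commented out.
demo_conf=$(mktemp)
printf '[server]\n# reset=1\n' > "$demo_conf"
audit_lxdm "/usr/bin/X :0 vt7 -nolisten tcp" "$demo_conf" || echo "findings: $?"
rm -f "$demo_conf"
```

On a live host, pass the X server's command line as reported by ps and the path of the installed lxdm.conf to audit_lxdm.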

