/etc/X11/xdm/Xresources file contains the line: xlogin.Login.allowRootLogin: false but the xlogin widget let the root log in.
Created attachment 31224 [details] X resouces file
On Mon, Nov 16, 2009 at 00:31:21 -0800, bugzilla-daemon@freedesktop.org wrote: > /etc/X11/xdm/Xresources file contains the line: > > xlogin.Login.allowRootLogin: false > > but the xlogin widget let the root log in. > aiui when using PAM this configuration is not used.
> aiui when using PAM this configuration is not used. Should not have to be marked this somehow in the log file? :-)
The allowRootLogin code seems to have only been implemented for USE_BSDAUTH (which doesn't appear to ever be defined by configure.ac) and the OpenBSD version of the non-PAM/direct getpwent() authentication backend. I don't see why it should be OpenBSD specific, so have moved it outside of the #ifdef __OpenBSD__ and added it to the PAM backend as well, plus added a warning to the xdm man page that it depends on the authentication method built into xdm, and will submit a patch with that for comment to xorg-devel.
Created attachment 34130 [details] [review] Proposed patch submitted to xorg-devel http://lists.x.org/archives/xorg-devel/2010-March/006276.html
Pushed fix to git master.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.