Bug#580629: gdm3 - allows unauthenticated users to change power configuration
Josselin Mouette
joss at debian.org
Fri May 7 19:18:48 UTC 2010
Le vendredi 07 mai 2010 à 12:08 +0200, Bastian Blank a écrit :
> Package: gdm3
> Version: 2.30.2-1
> Severity: important
>
> gdm3 allows unauthenticated users to change the power configuration,
> including automatic suspend.
>
> This is a DoS on any non-singleuser machine.
What do you mean by “unauthenticated users”? Do you mean it is possible
to change that configuration from the login screen?
--
.''`. Josselin Mouette
: :' :
`. `' “If you behave this way because you are blackmailed by someone,
`- […] I will see what I can do for you.” -- Jörg Schilling
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20100507/3a9965fb/attachment.pgp>
More information about the pkg-gnome-maintainers
mailing list