Re: gdm Create User

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, 2007-10-06 at 18:18 -0400, Simo Sorce wrote:
> Leaking the information that a user exists or not is considered bad.

Though I do not think that gdm is the right place to create user
accounts, I disagree with this statement.

Knowing that an user exists or not is in principle about the same
dangerous as knowing whether a machine is up or not. Or should we
declare ping to be a security threat?

-- 
Lubomir Kundrak (Red Hat Security Response Team)

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux