Re: denied avcs for kde again :(

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Daniel J Walsh wrote:
> I have also seen similar with it trying to create the directory in
> /root.  Which is also somewhat bad.  I do not want to give login
> programs the ability to write to these directories, because attackers
> without passwords can get the login programs to execute large amounts of
> codes without ever identifying themselves.  gdm is setup with a homedir
> of /var/lib/gdm, which allows us to confine the gdm login program.
> 
> Kde login needs something similar,  I believe there is a bug on this,
> but it would not hurt to open another.

KDM runs as root, so of course its homedir is /root. KDM does not support
running as anything other than root (just like XDM and pretty much any
display manager other than the latest GDM).

        Kevin Kofler

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux