https://qa.mandrakesoft.com/show_bug.cgi?id=1179

[EMAIL PROTECTED] changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID



------- Additional Comments From [EMAIL PROTECTED]  2003-02-20 13:03 -------
-=-=-=-=-=-=-=-=- 
The new Mandrake "kdm" that removes the login text field, forces users to login in 
only  
if they are listed, and makes loging in a two-stage process is a big usability and 
security  
problem.  
-=-=-=-=-=-=-=-=- 
There is no security problem. This feature is only available in low security level. In 
high 
security level, you are able to enter all users you want. There is no icon. And please 
note that only listed login are displayed for ages in Mandrake Linux products. This is 
not a new feature. 
 
There is no usuability problem. This feature is made for beginners and people who are 
not fluent with computers. Apple use this feature for its login manager and it is a 
nice 
feature which make life easier for people who just want to use a computer to perform a 
task. All people don't use computers for pleasure. 
 
If you don't like new KDM, please uninstall kdebase-mdk and/or use drakedm to 
configure which login manager you want to use. 
 
 
-=-=-=-=-=-=-=-=- 
Very bad  
My computer is laptop and be under NIS, my local account is < 500, when I use NIS, I 
can't  login.  
-=-=-=-=-=-=-=-=- 
Users who have UID < 500 should only be system users. Real users should always 
have an UID > 500. 
 
Users who have UID < 500 are not displayed in login managers for ages now. 
 
 
-=-=-=-=-=-=-=-=- 
Very Critical:  
It permit Halt/Reboot from remote kdm login, test with Xnest on localhost:1, which is 
not 
a local console, I won't make a full test from another computer, hope this not works.  
-=-=-=-=-=-=-=-=- 
Only root can shutdown remotely. Where is the problem? 
 
msec should also handle this parameter. 
 
 
-=-=-=-=-=-=-=-=- 
I also want to express my displeasure with the "new" kdm. I have to add root   
to the list, to login as root which I dont like at all. Yes I know, I can   
CTRL-F[1-6], login as root, #startx ... but this sucks. In this form KDM is  
just standing in my way.  
-=-=-=-=-=-=-=-=- 
Nobody should log as root. All you can do as root can be done from an user account if 
you have root password. 
 
Root is not displayed in login managers for ages. 
 
 
-=-=-=-=-=-=-=-=- 
Is there any reason for the "new" design?  
-=-=-=-=-=-=-=-=- 
We think that KDM availalble in KDE 3.1 is not correctly designed. If you don't think 
as 
us, please use original KDM. We don't remove it. You are free to use it. 



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.



------- Reminder: -------
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date: 
description: 
I've openned this as a bug because I think it has real usability and security 
problems, 
and because there is an easy solution: 
 
The new Mandrake "kdm" that removes the login text field, forces users to login in 
only 
if they are listed, and makes loging in a two-stage process is a big usability and 
security 
problem. 
 
A good solution would probably be: 
 
1) A mdkkdm package (that can be installed by default) that has this new kdm in it 
(although, I surely hope that it is improved before it's used anywhere!) 
 
2) The original unmodified (but it can be branded, as usual--we have no problem with 
that) kdm being installed by kdebase, and used if mdkkdm is not installed. 
 
Others have made plenty of comments in the cooker ML and can add comments here 
as appropriate.

Reply via email to