On Wed, Nov 9, 2011 at 5:11 AM, Danilo Pianini <danilo.pian...@gmail.com> wrote:
> Guys,
> I noticed that we allow KDM to restart the system without asking for
> any password. This could lead to problems: it may happen that you let
> your applications run and lock the screen, and a malicious user can go
> back to kdm by switch user, then shut down the system and kill all
> the ongoing work.
> In my opinion the default policy shouldn't allow this, since it is
> possible to specify that root password is required to shutdown from
> KDM.
>

I worry a policy like this leads to root password abuse. You should be able to use your system for its intended purpose without needing to supply a root password. On a Desktop system, I think it's reasonable that a user will periodically shut down/reboot (a server is another matter).

This seems more like a bug in KDM to me. KDM should not reboot when sessions are still active. But when people have physical access to a system, you can't stop them from rebooting/shutting down your system if they want to.

I'm also slightly confused about your scenario and how KDE works. When the screensaver locks your session in KDE, does it really let you drop out to KDM? If we can adjust our policy so that the screensaver actually locks your screen, I'd be all for that.