Glenn:

>> If configured, GDM can will display "Shutdown" and "Restart" buttons
>> for shutting down and restarting the machine. Refer to section 4.1.9
>> for more information.
> This should not be configured by default if the user is not authenticated.

The "gdm" is not configured to have the solaris.system.shutdown authorization by default, so these buttons do not show up by default.

>> By default GDM now displays all users on the system in a face browser
>> so the user can select the username from a list and then enter the
>> password. The most frequent users are displayed first and the list
>> of frequent users is obtained using the ConsoleKit /usr/bin/ck-history
>> interface. The face browser includes an "Other" choice which allows
>> the user to avoid using the face browser and enter the PAM prompts
>> directly (e.g. username and password) if they wish. This "Other"
>> choice is needed, for example, to login as a system user, since system
>> users are not displayed in the face browser. The face browser feature
>> can be disabled via configuration so that users simply enter responses
>> to PAM prompts. For example, many Sun Ray users would likely want to
>> disable the Face Browser.
> It is a security vulnerability to display the list of valid usernames to
> unauthenticated individuals, so we shouldn't deliver the system with
> this configured by default.

We can easily configure GDM to work either way. If it is a requirement to turn this off, then this is no problem. However, all other GNOME distributions turn it on by default, so I wonder if we really want to be different in this area.

With the face browser turned on, GDM behaves more like the Windows login program where the user just clicks on the user they wish to log in. So, from a desktop usability perspective, the face browser is a good feature to have on. If we choose to leave the face browser enabled by default, there is no reason that users who wish to turn off the feature for security reasons can't do so.

I'll leave this up to ARC to decide; I just wanted to share some of the thoughts behind the decision by the upstream GDM community to turn it on by default.

>> Once the user has entered their username, or selected it via the
>> face browser, the panel shows interfaces for selecting the session to
>> log into and the language to use. If there is only one session type
>> installed on the system, the session selection interface is not
>> displayed and GDM assumes the user will log the user into that one
>> available session. The user's default choices for session and language
>> are automatically selected, so the user only needs to select them on
>> first-time login or if they wish to use a non-default value. If a
>> non-default value is selected, GDM automatically makes it the new
>> default value for that usre in subsequent logins.
> Hopefully we can use this feature when TX is enabled to specify single
> or multilevel sessions.

The way that the .desktop files in /usr/share/xsessions work has not changed from the old GDM to the new GDM. The behavior of how /usr/share/xsessions works is a cross-desktop standard that also works with KDE, for example. So, if TX provides multiple .desktop files, they should work the same as with the old GDM.

As an aside, I corrected the spelling of "usre" to "user" in the onepager in the case materials, now that I noticed that error in your quote.

Brian