Bug 134810 - [security breach] start new session: hidden user names are revealed
Summary: [security breach] start new session: hidden user names are revealed
Status: RESOLVED WORKSFORME
Alias: None
Product: kdm
Classification: Miscellaneous
Component: general (show other bugs)
Version: unspecified
Platform: openSUSE Linux
: NOR normal
Target Milestone: ---
Assignee: kdm bugs tracker
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-09-28 21:31 UTC by Maciej Pilichowski
Modified: 2008-05-19 17:30 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Maciej Pilichowski 2006-09-28 21:31:56 UTC 
Version:            (using KDE KDE 3.5.4)
Installed from:    SuSE RPMs

It is not a bug per se, but since it is a security problem I set it to a bug status.

Turn on computer, wait till KDE is loaded and you are logged in. Start new session. Look at the public user names (I have 3: me, guest and postgres -- the last is temporary). Log in as hidden user, for example root. When session is opened turn off computer. Turn it on again. Wait for KDE, start new session --> "root" is suggested by KDM.
Comment 1 Maciej Pilichowski 2006-09-28 21:34:18 UTC 
Duplicate of https://bugs.kde.org/show_bug.cgi?id=130596, sorry I have no idea how I was able to miss it :-(