Date: Fri, 14 Dec 2001 03:07:40 +0100 From: Raf Schietekat <sky92136@skynet.be> To: FreeBSD-security@FreeBSD.org Subject: kdm grants ordinary users root access on 4.4-R Message-ID: <3C195EEC.9010208@skynet.be>
next in thread | raw e-mail | index | archive | help
Dear experts, When I do startx from a console, my KDE environment starts up as expected (I have "startkde" in both .xsession and .xinitrc). Since I succeeded in setting up kdm (which took some asking and guessing, because I didn't find much in the way of documentation), I have the following problem: >>>>> I wrote on FreeBSD-questions with subject "kdm op 4.4-R" No, hold the presses, now I've got another problem, which some system administrators may frown upon... ;-) When I log in into KDE as my ordinary-user(-though-member-of-wheel) identity, I get my session back as I left it, but when I start up a Konsole (I was going to give the su root kcontrol another try), I notice that I am... root! Right at the prompt greeting me when the window pops up, no su or anything! # whoami root # pwd /usr/home/rfschtkt # cd # pwd /usr/home/rfschtkt [How come cd doesn't take me to /root?] <<<<< (Note that the subject "kdm op 4.4-R" is from a lapse into Dutch, means "kdm on 4.4-R".) Configuration was pretty much as follows: >>>>> I wrote on FreeBSD-questions with subject "kdm op 4.4-R" desktop# ls /usr/local/share/config/kdm kdmrc desktop# cd /usr/local/share/config/kdm desktop# cp /usr/X11R6/lib/X11/xdm/Xservers Xservers desktop# kdm -nodaemon [aha, login window appears... but login fails, Ctrl-Alt-F1] [several error messages about Xaccess, Xsetup, Xstartup, Xreset, Ctrl-C] ^Cdesktop# cp /usr/X11R6/lib/X11/xdm/Xaccess Xaccess desktop# cp /usr/X11R6/lib/X11/xdm/Xsetup_0 Xsetup desktop# cp /usr/X11R6/lib/X11/xdm/Xsession Xstartup desktop# echo > Xreset [ee Xstartup to contain a line for KDE] desktop# kdm -nodaemon [can log in fine, Sound server error looks different than the message I normally get, but that's another issue] [when I log out, the screen is black with a % shell in the upper left hand corner, and xconsole in the lower right, I type exit, I get kdm, Ctrl-Alt-F1, Ctrl-C] ^Cdesktop# echo "/usr/local/bin/kdm/desktop" > Xsetup [now I have a background, although there are a few seconds of delay each time, I go out of X, ee /etc/ttys to enable kdm from there, kill -HUP 1, still works fine, but I still get the % shell where I have to type exit <<<<< If I then log out and remove kdm from /etc/ttys and try to log in normally again, I can't until I've removed some files that were written in my home directory with owner root, but then I'm back to normal (normal user in Konsole until I enable kdm again). Did I miss something in the setup? Is it a known problem? Raf Schietekat <Raf_Schietekat@ieee.org> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C195EEC.9010208>