Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 11 Sep 2001 14:20:43 -0400
From:      dochawk@psu.edu
To:        "Hartmann, O." <ohartman@klima.physik.uni-mainz.de>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: root login prevention from X11 
Message-ID:  <200109111820.f8BIKh350922@fac13.ds.psu.edu>
In-Reply-To: Your message of "Tue, 11 Sep 2001 19:27:53 %2B0200." <20010911192434.U23258-100000@klima.physik.uni-mainz.de> 

next in thread | previous in thread | raw e-mail | index | archive | help

O offered,

> Apart from using kdm, we want to prevent root logins from over
> X11 clients (remote logins). Login prevention for telnet and
> ssh is either done by /etc/login.access, /etc/login.conf and /etc/ssh/sshd_config,
> but the X11-login procedure seems to walk thriugh other paths
> offering a login session.

> Can anyone tell me how to disallow root logins from remote systems
> via X11/chooser login?

/etc/ttys specifies which consoles are secure (allowing root login), 
and which are not.  If you have a line to the effect,

ttyv8   "/usr/X11R6/bin/xdm -nodaemon"  xterm   on  secure

I believe turning it to "insecure" wll help

hawk

-- 
Prof. Richard E. Hawkins, Esq.                  /"\   ASCII ribbon campaign 
dochawk@psu.edu  Smeal 178  (814) 375-4700      \ /   against HTML mail
These opinions will not be those of              X    and postings 
Penn State until it pays my retainer.           / \ 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109111820.f8BIKh350922>