On May 11, 2017 8:19:12 AM GMT+03:00, Nikola M <[email protected]> wrote: >On 05/10/17 04:58 PM, Alexander Pyhalov wrote: >> Hello, guys, I have bad news. >> >> We've found that if VNC or XDMCP access was enabled in lightdm, >remote >> unauthorized user could shutdown or reboot system. The issue was >fixed >> in >> >https://github.com/OpenIndiana/oi-userland/commit/97177ec9190d6e81c6bc6dd7ae8e2c3835044e8c >> (system/display-manager/[email protected]). >> >> I have a suspicion that this issue also can appear in SRSS >> environment. If someone, who desires to run lightdm with SRSS, can >> setup test system and check it, we can get a working fix. >> >> For now the mentioned commit disables power actions for all non-local >> sessions. We detect non-local sessions as those, which have >associated >> terminal (/dev/vt/*). >> >> You can disable power actions menu for all sessions, setting >> indicators to something like >> ~spacer;~spacer;~host;~spacer;~session;~a11y;~clock >> in /etc/lightdm/lightdm.conf. >> The question I have is if we should do it by default... > >Congrats on the fix, It is great to disable it shutting down before log >in with lightdm remote session , because anyone wanting to do that >remotely, should log in first. > >I think that local and-non-local sessions have the same problem. There >is no difference between someone unauthorized shutting down or >restarting machine locally or remotely.. >https://www.illumos.org/issues/8167 > >These are all indications that also 'Power' button should not be in >lightdm login screen by default in the first place. It was strange to >me >how fast lightdm appeared there, and since I were not doing fresh >install, but updating, I wasn't aware it is there by default. > >I like to put it there IF I set up my workstation laptop installation, >but it should not be there by default in the first place. (First log >in, >identify and IF having rights, can do power actions on machine). > >I have a SunRay2 and could try setting up SRSS. > > >_______________________________________________ >openindiana-discuss mailing list >[email protected] >https://openindiana.org/mailman/listinfo/openindiana-discuss
I am not sure it is always a problem locally, considering hardware security (e.g. a local user has access to power button or cord of a server/workstation, though not to that of a vandal-protected kiosk), and for some deployments it may be better to let trigger graceful shutdowns quickly than to suffer a full login. Better have this ability togglable though, to suit everyone. FWIW, the Windows pre-login interface also has a button/menu to restart/shutdown/hibernate... the PC. -- Typos courtesy of K-9 Mail on my Redmi Android _______________________________________________ openindiana-discuss mailing list [email protected] https://openindiana.org/mailman/listinfo/openindiana-discuss
