/etc/X11/xdm/Xresources file contains the line:
but the xlogin widget let the root log in.
Created attachment 31224 [details]
X resouces file
On Mon, Nov 16, 2009 at 00:31:21 -0800, firstname.lastname@example.org wrote:
> /etc/X11/xdm/Xresources file contains the line:
> xlogin.Login.allowRootLogin: false
> but the xlogin widget let the root log in.
aiui when using PAM this configuration is not used.
> aiui when using PAM this configuration is not used.
Should not have to be marked this somehow in the log file? :-)
The allowRootLogin code seems to have only been implemented for USE_BSDAUTH
(which doesn't appear to ever be defined by configure.ac) and the OpenBSD
version of the non-PAM/direct getpwent() authentication backend.
I don't see why it should be OpenBSD specific, so have moved it outside of
the #ifdef __OpenBSD__ and added it to the PAM backend as well, plus added
a warning to the xdm man page that it depends on the authentication method
built into xdm, and will submit a patch with that for comment to xorg-devel.
Created attachment 34130 [details] [review]
Proposed patch submitted to xorg-devel
Pushed fix to git master.