diff options
author | Tim Lunn <tim@feathertop.org> | 2016-04-12 14:40:48 +1000 |
---|---|---|
committer | Tim Lunn <tim@feathertop.org> | 2016-04-13 13:41:39 +1000 |
commit | 25e8677f7d0950e69b6bf9d9a534a184067da123 (patch) | |
tree | 8fe9ab6887f5426f147f2ae3f0c62ac4ffaa51ce | |
parent | c870d47dd828506857f0997a3af3468fc12fc85b (diff) | |
download | gdm-25e8677f7d0950e69b6bf9d9a534a184067da123.tar.gz |
gdm-session: require a password for for remote logins
Many remote services refuse passwordless logins, so administrators may find it
surprising that the login screen over XDMCP doesn't require a password on the
account.
This commit toggles to that default.
Note, this change doesn't really make XDMCP more secure. It is inherently
insecure over an untrusted network, since it's a completely plain text
protocol.
https://bugzilla.gnome.org/show_bug.cgi?id=764669
-rw-r--r-- | daemon/gdm-session-worker.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/daemon/gdm-session-worker.c b/daemon/gdm-session-worker.c index b97c688a..7bbda49f 100644 --- a/daemon/gdm-session-worker.c +++ b/daemon/gdm-session-worker.c @@ -1080,6 +1080,8 @@ gdm_session_worker_initialize_pam (GdmSessionWorker *worker, ensure_login_vt (worker); g_snprintf (tty_string, 256, "/dev/tty%d", worker->priv->login_vt); pam_set_item (worker->priv->pam_handle, PAM_TTY, tty_string); + if (!display_is_local) + worker->priv->password_is_required = TRUE; out: if (error_code != PAM_SUCCESS) { |