#884 closed Feature Request (invalid)

Make "killing" PCDM require elevated sudo permission

Reported by: joshms Owned by: ken
Priority: trivial Milestone:
Component: System Tool Version: 10-STABLE
Keywords: Cc: trac-bugs@…


Ken you may have reasons for PCDM being run this way. One thing i noticed is you can issue a kill command and shut it down with no complaint it just gos back and asks you to log in again. No harm no foul really. Should it require elevated permissions though to terminate it's session?

Change History (3)

comment:1 Changed 19 months ago by kenmoore

Are you talking about the user PCDM session? That obviously only needs user permissions to kill (that way the user has a way to close a broken/stuck session and return to the login manager).

The way it works is that there is a PCDM "daemon" process that will automatically startup a new X/GUI session whenever the previous one is killed/closed. This makes sure that the user does not log out and is then stuck at a command-line login prompt when the system is setup to use PCDM for logins.

comment:2 Changed 19 months ago by joshms

Yes that is correct the user PCDM session. What I suppose i'm asking is should it prompt for password before closing via terminal? Otherwise it seems like any program or person could issue a kill command and shut down the user's session. Perhaps this isn't a big issue in BSD land, but I can remember many times as a windows sys admin when malware would hijack and shut down the user's session. I may not have a firm enough understanding on how the inner workings of PCDM to understand if this is a security issue or not.

comment:3 Changed 19 months ago by kris

  • Resolution set to invalid
  • Status changed from new to closed

The way it works right now is correct. If you are "root" you can kill anything, no questions asked. If you running as a user, and kill your own login session, that's fair game also, since you are the owner of that process.

Note: See TracTickets for help on using tickets.