1wilkens / rdm Goto Github PK

HAS MAJOR ISSUES RELATED TO SECURITY!!

Among things.

It's good to remember that when dbus craps out all the software that depends on it stops working.

I imagine that display manager ought to work regardless of whether dbus feels like working or not.

As multiple people have pointed out RDM is already used by Redis Desktop Manager among others.
For v0.1 a non-clashing name would help discoverability and avoid potential problems down the road.

I'll post ideas and suggestions here as I come up with them.

Currently only ~/.xinitrc is executed to start a user session. This approach is very simple but unnecessarily static and should be extended to include /etc/xsessions and whatever other reasonable standards exist.

As this is purely an enhancement it is not a blocker for v0.1

Currently an xauth file is generated and written to disk but not used when launching X, because the concept of .Xauthority is not quite clear. Adding the flag to the launch prevents gtk from opening the display. This is weird because the main ui (via gtk) will always be executed as root and as such should have access to X under all circumstances.

Also it is just not clear what .Xauthority actually does. In theory it should limit access to the X server but the auth file via startx actually contains multiple magic cookies while .Xauthority only contains 1.

More research is required to figure out what the "best practices" are.
Although this is an enhancement it is the de-facto standard in all other display managers so it is a blocker for v0.1

Currently the session started by rdm is partly recognized by loginctl (no seat or tty attribute present) and all authentication attempts (for example shutdown/reboot) fail with Failed to power off system via logind: Interactive authentication required..
This indicates that the pam_systemd.so module is not properly executed for the session (although the runtime directory in /var/run/user/ is created..) which might be caused by a problem in the pam configuration file.

More research is needed to determine which practices we need to follow.

As proper systemd support is one of the core principles rdm is built on, this is a blocker for v0.1!

Currently the user session is invoked as root which effectively makes any shell opened in it a root-shell. This is obviously wrong and dangerous especially with a malicious .xinitrx.

The reason for this is not completely clear. rdm's subthread for the session invokes pam_open_session which should change the user but apparently this is not enough to do so.