Jan 022011

In RHEL-6, the gnome login screen displays all user accounts. Apparently this behavior of the gdm greeter was inherited from Fedora. This may not be a problem with personal desktops/laptops but, in an enterprise class Linux like RHEL, it could constitute a security vulnerability. I saw complaints from users as early as in Fedora 9. Alan has filed a bugzila against RHEL-6.

It is possible to disable it. Problem is … it is not easy to do it. The following command (one-liner) will disable the gdm greeter’s listing of users:

sudo -u gdm gconftool-2 --type bool --set /apps/gdm/simple-greeter \\
/disable_user_list true

By the way, you can see the set value by:

sudo -u gdm gconftool-2 --get /apps/gdm/simple-greeter/disable_user_list

Note that the command was run as gdm. Running the same gconftool-2 command as root would not work. Alternatively, you can modify the systemwide configuration. It will be just easy if you manually edit the file /etc/gconf/gconf.xml.defaults/%gconf-tree.xml and change the boolean for disable_user_list from false to true.