X11 Session -- SDDM allows unauthorised unlocking
An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session.
The default configuration of SDDM on FreeBSD is not affected, since it has ReuseSession=false.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright