Comment 6 for bug 1391955

Reopening and following up on sr#261371.

From a brief look at rev. 14 of home:lbssousa:branches:X11:Utilities/lightdm:

- on openSUSE uids until 1000 are reserved for system users
- locale directory for lightdm is /usr/share/locale
- autostart stuff should be adapted to openSUSE
  - e.g. pk-update-icon.desktop disabled instead of update-notifier.desktop etc.
- what happens when screensavers lock which are not covered by the script, e.g. xscreensaver, the MATE screensaver etc., unlike Ubuntu we have 7 supported desktops in openSUSE
- the Unity-specific stuff can probably be removed
- I'm not sure HOME on tmpfs is a good idea, trivial to DOS and even without malicious intent it does not seem to be a good choice on memory-limited systems
- most importantly, as I already pointed out, there need to be separate, more restricted PolicyKit policies for guest users, currectly an active local user can e.g. shutdown the system or install updates without a password, maybe the restricted preset can be somewhat re-used for this, please get in touch with the security team via <email address hidden>
- due to the sensistive nature of allowing passwordless logins of untrusted users, this should be disabled by default, that is guest-session = False
- once finished, the wrapper script, PolicyKit policy, and AppArmor profile should be reviewed by the security team
- finally, are you willing to maintain guest-session support and e.g. maintain the scripts, polciies and handle gust-session specific bugs?