{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreia5f5gblpwj3htfdm3qotxq54wjsnbzoiivqc6al3hrd2xovanzny",
    "uri": "at://did:plc:b3tz6srl4ochk2wxn6dv6xpy/app.bsky.feed.post/3mknchfrj4tc2"
  },
  "path": "/Articles/1070434/",
  "publishedAt": "2026-04-29T14:20:46.000Z",
  "site": "https://lwn.net",
  "tags": [
    "detailed\nblog post",
    "Plasma\nLogin Manager",
    "6.6.2",
    "SDDM display\nmanager",
    "remains the\nsame",
    "privileged\nD-Bus helper",
    "defense-in-depth\nsecurity issues"
  ],
  "textContent": "SUSE's Security Team has published a detailed\nblog post on their recent review of the Plasma\nLogin Manager version 6.6.2, which was forked from the SDDM display\nmanager.\n\n> While most of the code remains the\nsame, the new upstream added a privileged\nD-Bus helper called `plasmaloginauthhelper`, which suffers from defense-in-depth\nsecurity issues.\n>\n> [...] Based on the high severity of the defense-in-depth issues shown in this report, our assessment is that there is effectively no separation between root and the plasmalogin service user account.\n>\n> At this time there is no bugfix available by upstream, but a security fix is planned for the next Plasma release on May 12. We have not been involved in upstream's bugfix process so far and have no knowledge about the approach that will be taken to address the issues from this report.",
  "title": "Security review of Plasma Login Manager (SUSE Security Team Blog)"
}