Privileged `gnome-initial-setup` Greeter Allows Running a Bunch of Unrelated Applications
When running in the privileged `gnome-initial-setup` greeter context (`gnome-shell --mode=initial-setup`), a restricted GNOME shell is presented in which, e.g., no applications menu and no "run program" dialog are available. However, the keyboard shortcuts `super + 1` to `super + 10` allow starting a bunch of applications like Firefox, Evolution, LibreOffice Writer, Rhythmbox or Nautilus. As a result, this can be exploited to open a terminal despite the `gnome-initial-setup` user having `/sbin/nologin` set as its shell.
To restrict the privileged `gnome-initial-setup` greeter to its intended purpose, disabling these shortcuts should be considered. I don't know which component is responsible for this, but I was able to reproduce the behaviour on both openSUSE Tumbleweed and Fedora 30.