The GNOME Display Manager (GDM) is a program that facilitates graphical user login for Linux systems using GNOME, running and managing the X.Org display servers for both local and remote logins.
What is GNOME Display Manager (GDM)
The GNOME Display Manager (GDM) is the login graphical user interface (GUI) and manager for the GNOME desktop environment within Linux. GDM runs in the background and is a replacement for X Display Manager (XDM), handling user authentication, and initiating desktop sessions.
GDM3, the most recent version of GDM is the default display manager in GNOME. It is responsible for presenting a login screen, and all its graphical components, and includes some security features such as session management which ensures each user’s session remains isolated. This should not be confused with a window manager which controls appearance and application windows.
Benefits of removing the GDM
For systems that operate solely through the command line, such as servers and other non-GUI environments, removing the GDM can enhance security and improve performance.
By removing the GUI, CPU and memory can be freed up allowing these resources to be allocated to other, critical server processes. Without a GUI, potential vulnerabilities linked to a graphical login interface and its dependencies are minimised, enhancing the security posture of a system.
This practice aligns with the principle of least privilege, by removing unnecessary components, it removes the risk of miconfiguring the GDM to inadvertently be enabled. This could lead to an unintended graphical login prompt during system reboots, creating additional access points.
How to remove the GDM package
To remove the GDM package, un the following command to remove the gdm package
# dnf remove gdm
MITRE ATT&CK Mappings
Techniques / Subtechniques – T1543, T1543.002
Tactics – TA0002
Mitigations
Server Hardening
The GDM is an essential component for managing logins and sessions in the GNOME desktop environment. However, on servers that don’t require a GUI, removing GDM is vital to enhance security by reducing the attack surface. This practice is an important part of server hardening, as it minimizes unnecessary services, reducing the potential for exploitation and aligning with security best practices.
