Found this via google: "http://lists.kde.org/?l=kde-kiosk&m=111944662332070&w=2"
"To override a session type, copy the .desktop file from the data dir to the
config dir and edit it at will. Removing the shipped session types can be
accomplished by "shadowing" them with .desktop files containing Hidden=true.
For the magic session types no .desktop files exist by default, but KDM
pretends they would, so you can override them like any other type.
I guess you already know how to add a new session type by now. ;-)
"
Ok, so it looks like one way to disallow the session type "failsafe" when creating a kiosk is to create a failsafe.desktop in the same directory as the kde.desktop, probably /usr/share/xsessions, set to hidden.
As the settings in this .desktop file will overwrite the settings used by kde, and remove the failsafe option from the desktop, it should not be done lightly, and most usefully as the last step in locking down the node. If something goes wrong, you'll probably need to boot from a rescue CD.
What I did (probably more of a kludge) was simply copy the kde.desktop.
I then edited it to remove all the "name[fg]=" entries.
Then I set the execs to "/bin/false"
Lastly, I added the "Hidden=true" tag as specified above.
my failsafe.desktop looks like this:
[Desktop Entry]
X-SuSE-translate=true
Encoding=UTF-8
Type=XSession
Exec=/bin/false
TryExec=/bin/false
Name=failsafe
Hidden=true
And I no longer get the option to select a failsafe session. Yeah!
Hope this helps. I tried removing the Default and Custom options, but I didn't get it to work with trival effort, and I didn't have time to play with it.
Since both options went to KDE, I didn't worry about it too much.