I agree with reddazz. I inherited the system administration of a LAN with 5 workstations and all users knew the root password of all machines (indeed, it was written on a post-it sticked on the wall) and all the basic installation along with the directory structure and a lot of useless stuff was messed around. Anyway, to prevent graphical login by root you should edit the file /opt/kde3/share/config/kdm/kdmrc and uncomment the following
Code:
AllowRootLogin=false