[X2go-Dev] x2goserver package with setuidwrapper

Moritz Struebe Moritz.Struebe at informatik.uni-erlangen.de
Mon Jul 18 19:08:50 CEST 2011


Hi there.

On 2011-07-18 17:12, Moritz Struebe wrote:
> Should be possible using the group-S-bit -> keep the user, but make the
> database writeable to the x2gouser-group.

I just had a chat with Arw, and this is the way to go. But we must check
that x2gouser is the only user in the x2gouser-group. (I think checking
this in the perl-script should be secure enough, as nobody is just added
to that group - and if someone is, x2go stops working - so someone will
notice, that something is going wrong - and he cant change the script,
as he does not own it).

I don't remember, but was it the x2gouser or the x2gousers groups
everybody got added to in the old installer-scripts? If it was x2gouser,
the new installer should probably remove everyone....

Cheers
Morty



-- 
Dipl.-Ing. Moritz 'Morty' Struebe (Wissenschaftlicher Mitarbeiter)
Lehrstuhl für Informatik 4 (Verteilte Systeme und Betriebssysteme)
Friedrich-Alexander-Universität Erlangen-Nürnberg
Martensstr. 1
91058 Erlangen

Tel   : +49 9131 85-25419
Fax   : +49 9131 85-28732
eMail : struebe at informatik.uni-erlangen.de
WWW   : http://www4.informatik.uni-erlangen.de/~morty




-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4482 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20110718/9527cb56/attachment.bin>


More information about the x2go-dev mailing list