[X2Go-User] x2gothinclient - one user on server, multiple sessions
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Tue Aug 19 22:29:25 CEST 2014
Hi Gregor,
On Mo 18 Aug 2014 20:39:15 CEST, Gregor Burck wrote:
> No, it is no security problem, on the desktops/server nobody can do anything.
> The authentification is localized in the application.
yes, it is a security issue.
Some staff person A will be able to watch what staff person B is
doing. Even worse, staff person A can interfere with staff person B's
session. This can also happen unnoted by staff user B in times that
staff user B's session is suspended. This setup will be highly
compromisable from internal.
For your remove home on logout problem, you maybe could look at
pam_guest (it is in Ubuntu, not sure about other distros).
Greets,
Mike
--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Digitale PGP-Signatur
URL: <http://lists.x2go.org/pipermail/x2go-user/attachments/20140819/e535bace/attachment.pgp>
More information about the x2go-user
mailing list