Hi list,
Reading all comments on my stone in the pond I still think it is not really clear what the problem is (and my proposed solution)
I do not want to secure the entire server. I only want a door that can be locked. So I allow a user to use the terminal. Okay he is allowed to use the terminal and so he can do anything he likes. No problem.
Or I say on the server the user may only use program XYZ. XYZ starts and that is all. If XYZ deletes my system that is Okay by me. The user had access to that program and that is it.
This can be enforced by my simple solution. From the client a command is sent, say "Start terminal". Then in the wrapper, the user is matched with the command and if the match exists, the command is allowed and is executed. If not, the request is rejected.
Maybe this can be achieved also by apparmor, but it looks to me that apparmor is intended to secure the entire system which is really not what I want. (Or maybe I am mistaken because of lack of knowledge of apparmor) <snip> Again I confess that I've not taken a lot of time to digest this issue but, I wonder if the back and forth is cause because for some users,
On Fri, 2011-04-01 at 02:44 +0200, Dick Kniep wrote: this would be a highly desirable feature whereas, for others, it not only makes no sense but would be a significant obstacle. Can it be built as a configurable option that can be enabled with a setting in x2go.conf (or whatever file we are using for configuration)? - John