Hi all,
May I suggest the following: First of all: This is only about the SQLite wrapper! Let's get rid of sudo and use suid instead. Add a commented line to the wrapper that checks whether the current user is in the appropriate group.
Rationale: x2goserver-one, which is responsible for the automatic use of the SQLite wrapper, had exactly this behaviour: It gives all users access to x2go (Worse: A while ago it gave all users root-access). Therefore for the naive user there is no change in behaviour: It gives them more efficient access then using X-forwarding. Administrators who administer a large user base, who should have got nervous with the root-sudo anyway, sould be able to uncomment that one line within the wrapper and change it to a group or groups of there favour.
After all x2go is yet another application. There is no way that you may compromise the system because of this - except using resources, but there are better ways to do so. It you want, you can even adjust the client work around the wrapper-script and start the agent manually (No, I won't discuss how). Therefore there is no real additional security won by disallowing users to run the wrapper.
Cheers Morty
P.s.: IMO the final decision must be made by Alex and Heinz anyway.
On 2011-02-18 22:24, John A. Sullivan III wrote:
I'm thinking we should err on the side of security and make it secure by default with the option to loosen. That said, is there a way to achieve all goals? We do need to stop the sudo log spam. We do need to prevent misfired installations that required great expertise to sort out. What if, instead of using sudo, we did lock down the x2go scripts by default with restricted ownership as suggested to those who responded to this thread concerned about security. That leaves us with maintaining local groups but that is not the end of the world. It eliminates the sudo problem and makes us secure by default rather than exception.
-- Dipl.-Ing. Moritz 'Morty' Struebe (Wissenschaftlicher Mitarbeiter) Lehrstuhl für Informatik 4 (Verteilte Systeme und Betriebssysteme) Friedrich-Alexander-Universität Erlangen-Nürnberg Martensstr. 1 91058 Erlangen
Tel : +49 9131 85-25419 Fax : +49 9131 85-28732 eMail : struebe@informatik.uni-erlangen.de WWW : http://www4.informatik.uni-erlangen.de/~morty