Hi Reinhard,

What you propose is to introduce a completely new security policy:
everyone in a certain group 'netdev' may change everything. This may
be appropriate in your scenario, but may not be in others. For
instance, have you considered what other packages "use" the netdev
group? Are you fully aware about the consequences in terms of
additional privileges users gain by being put in that group? Moreover,
in a managed environment, where all users are in a network directory
such as NIS or LDAP, it is not that simple to add a user to a
computer-local group, as the group may have a different group ID on
different machines. Such scenarios are not uncommon for larger x2go
deployments at all!

The netdev group change is not a proposal for something I think should be included in X2Go, more like "if someone has the same issue, I got it working by doing this". I agree that adding the netdev group is not ideal from a security perspective, someone who fully understands what's going on could probably come up with a much safer solution.

Cheers,

Daniel