Hi Alex, hi Dick,
On Fr 01 Apr 2011 10:07:15 CEST Alexander Wuerstlein wrote:
Maybe this can be achieved also by apparmor, but it looks to me that apparmor is intended to secure the entire system which is really not what I want. (Or maybe I am mistaken because of lack of knowledge of apparmor)
I don't think this could be achieved by apparmor. You could try SELinux and I'm sure something working and secure will come out, but its very complex. Imagine the original SSH process (i think you can configure that with pam_selinux) setting a restricted security context that only allows to execute a very restricted set of commands to set up an x2go session (i.e. label all those commands executable for that security context, but not anything else). That x2go session setup then needs the capability to elevate its security context to something more permissive such that a normal application could do its job. But since quite a handful of x2go is written in shell or perl, you will also need to allow those for the restricted security context while ensuring that the user can't do anything out of line. Could work, but its very hard and complex to achieve.
Sorry, I mixed both systems up. I want to refer to SELinux... I
haven't work with any of them, and only know them from reading.
However, I think the time being invested by someone in a wrapper
script (->Dick...) it could be an alternative option to invest time
into SELinux investigation and a generic configuration that hardens
the security of an X2go server...
Greets, Mike
--
DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...