Rob Lemley schrieb:
Hello Oleksandr,
Please understand that I am trying to offer constructive criticism. Any time I see something that runs as root, I try to figure out why, and if possible run it as a non-privileged user. From a sysadmin point of view, I would much prefer that a piece of software that I install create a new user on my system than allow any user to run a script as root.
I see what you mean with the shadow sessions. May I suggest a second wrapper script for cases like this?
I understand what you mean. It seems to be a good idea. I'll think about it.
User permissions and security are rarely simple, and safeguards can quickly overwhelm the original scope of the situation. Sometimes all we can do is minimize the risk/exposure, and that is all I am looking to do here.
Thank you for your hard work on x2go.
-rob
-- Oleksandr Shneyder Dipl. Informatik X2go Core Developer Team
email: oleksandr.shneyder@obviously-nice.de web: www.obviously-nice.de
--> X2go - everywhere@home