[X2go-dev] pending x2goprint patch / Possible security issues
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Mon Apr 18 10:06:55 CEST 2011
Hi Morty,
On Mo 18 Apr 2011 09:13:47 CEST Moritz Struebe wrote:
> On 2011-04-13 17:43, Mike Gabriel wrote:
> I don't think we can get around the ugly thing of the cups-server
> connecting back to the x2go-server, but I do think we can get around
> sudo using the sbit/suidperl once again. If we have a script in the user
> home that is executed as the user, we can use that to pipe the pdf to
> the appropriate folder. This file can be created by the client or one of
> the server-scripts and can even be deleted if the client does not
> support printing.
> This way there is no need to become root and the worst thing that can
> happen is, that the quota of the home is exceeded. No root, though.
>
> Any thoughts?
Thanks for taking the time.
I would be glad if all of your proposed changes would implemented in
the server code, so that this change of concept stays invisible to the
client...
Greets,
Mike
--
DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20110418/daa31d3f/attachment.pgp>
More information about the x2go-dev
mailing list