[X2go-dev] Use case for an x2go user-group

Moritz Struebe Moritz.Struebe at informatik.uni-erlangen.de
Sat Feb 19 15:43:11 CET 2011


Hi all,

May I suggest the following:
First of all: This is only about the SQLite wrapper!
Let's get rid of sudo and use suid instead. Add a commented line to the
wrapper that checks whether the current user is in the appropriate group.

Rationale: x2goserver-one, which is responsible for the automatic use of
the SQLite wrapper, had exactly this behaviour: It gives all users
access to x2go (Worse: A while ago it gave all users root-access).
Therefore for the naive user there is no change in behaviour: It gives
them more efficient access than using X-forwarding. Administrators who
administer a large user base, who should have got nervous with the
root-sudo anyway, should be able to uncomment that one line within the
wrapper and change it to a group or groups of their favour.

After all x2go is yet another application. There is no way that you may
compromise the system because of this - except using resources, but
there are better ways to do so. If you want, you can even adjust the
client to work around the wrapper-script and start the agent manually (No,
I won't discuss how). Therefore there is no real additional security won
by disallowing users to run the wrapper.

Cheers
Morty


P.s.: IMO the final decision must be made by Alex and Heinz anyway.


On 2011-02-18 22:24, John A. Sullivan III wrote:
> I'm thinking we should err on the side of security and make it secure by
> default with the option to loosen.  That said, is there a way to achieve
> all goals? We do need to stop the sudo log spam. We do need to prevent
> misfired installations that required great expertise to sort out.  What
> if, instead of using sudo, we did lock down the x2go scripts by default
> with restricted ownership as suggested to those who responded to this
> thread concerned about security.  That leaves us with maintaining local
> groups but that is not the end of the world.  It eliminates the sudo
> problem and makes us secure by default rather than exception.


-- 
Dipl.-Ing. Moritz 'Morty' Struebe (Wissenschaftlicher Mitarbeiter)
Lehrstuhl für Informatik 4 (Verteilte Systeme und Betriebssysteme)
Friedrich-Alexander-Universität Erlangen-Nürnberg
Martensstr. 1
91058 Erlangen

Tel   : +49 9131 85-25419
Fax   : +49 9131 85-28732
eMail : struebe at informatik.uni-erlangen.de
WWW   : http://www4.informatik.uni-erlangen.de/~morty
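
Added example, not part of the original mail and not x2go code: a sketch in C of the group check the message proposes for a setuid wrapper, deciding on the real uid of the caller and failing closed when a lookup fails. The group name "x2goaccess" and the function names are hypothetical.

```c
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical group name; the mail only says "a group or groups". */
#define ALLOWED_GROUP "x2goaccess"

/* Pure check: is `user` (with primary gid `primary`) a member of `gr`? */
static int member_of(const char *user, gid_t primary, const struct group *gr)
{
    if (user == NULL || gr == NULL)
        return 0;                 /* fail closed on lookup errors */
    if (gr->gr_gid == primary)
        return 1;                 /* primary members need not appear in gr_mem */
    for (char **m = gr->gr_mem; m != NULL && *m != NULL; m++)
        if (strcmp(*m, user) == 0)
            return 1;
    return 0;
}

/* In a setuid binary the effective uid is the file owner, so the
 * decision is based on the REAL uid of the invoking user. */
static int caller_allowed(const char *group_name)
{
    char user[256];
    struct passwd *pw = getpwuid(getuid());

    if (pw == NULL || strlen(pw->pw_name) >= sizeof user)
        return 0;                 /* unknown caller or oversized name: deny */
    /* Copy the name so it does not depend on libc's static passwd buffer. */
    strcpy(user, pw->pw_name);
    return member_of(user, pw->pw_gid, getgrnam(group_name));
}

int main(void)
{
    if (!caller_allowed(ALLOWED_GROUP)) {
        fprintf(stderr, "not permitted: caller is not in group %s\n",
                ALLOWED_GROUP);
        return 1;
    }
    /* The privileged database operation would start here. */
    return 0;
}
```

The check reads the group database on every call, so a change in membership applies the next time the wrapper is started.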



