[X2go-dev] x2go security Issues
Moritz Struebe
Moritz.Struebe at informatik.uni-erlangen.de
Fri Jan 21 09:21:37 CET 2011
Hi Mike
Am 20.01.2011 23:46, schrieb Mike Gabriel:
> I agree that there actually should be a server script that pre-checks
> if a user (or a command) is welcome to the server.
Jep, the server does need some cleanup. :-)
> The Qt x2goclient doesn't check this, which raises performance and log
> spamming problems once a user logs in that is not allowed to log in.
Yep, that's why I was a little confused, when I was told, that I'm not
allowed to run x2go.
>
> What other security checks do you refer to?
I didn't test them, but I also saw similar checks around fuse, sound and
printing, I think.
Morty
--
Dipl.-Ing. Moritz 'Morty' Struebe (Wissenschaftlicher Mitarbeiter)
Lehrstuhl für Informatik 4 (Verteilte Systeme und Betriebssysteme)
Friedrich-Alexander-Universität Erlangen-Nürnberg
Martensstr. 1
91058 Erlangen
Tel : +49 9131 85-25419
Fax : +49 9131 85-28732
eMail : struebe at informatik.uni-erlangen.de
WWW : http://www4.informatik.uni-erlangen.de/~morty
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5867 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20110121/a6e06489/attachment.bin>
More information about the x2go-dev
mailing list