[X2Go-Dev] Bug#354: Bug#354: Things you should know about X
Stefan Baur
newsgroups.mail2 at stefanbaur.de
Sun Dec 8 21:10:57 CET 2013
Am 08.12.2013 21:05, schrieb Nable 80:
> One should notice that without root ( who would give root access to
> generic employee? except (possibly) on his workstation) you still
> cannot access other users' cookies (except cases when one have too
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> wide permissions or known vulnerabilitites with privelege escalation),
^^^^^^^^^^^^^^^^
> so you cannot grab their X sessions, can you?
And here we are again at "Hey, $FOO doesn't work, I'll just do chmod -R
777 * and see if that makes it work."
Plus, the rogue employee may as well be the admin, and thus have root
rights on the machine where you're logged in.
-Stefan
More information about the x2go-dev
mailing list