Thanks Scott, I was hoping someone like you would chime in and put some sense to it all. What you said was what I was trying to communicate with 'corner-case' since it has long been said to many that "LTSP-5 is the current version that you should be using." (straight from #ltsp on irc.freenode.net, not just Ubuntu people).
Cheers, Jordan/Lns Scott Balneaves wrote: > As the person who fixed the bug, and who is responsible for LTSPFS > upstream, allow me to interject. > > LTSPFS, or, for that matter, LTSP in the large, never had much of a > security model. X was always launched without auth, LTSPFS had no > security, etc. This is true for every version of LTSP from 1 to 4.2 > > When the original bug was filed, causing LTSPFS to gain some security, > it required a fairly major rewrite of LTSP. Including going from the > older Python LDM to the newer C one. > > The massive changes to LTSP that occurred at that time and the resulting > backport that were necessary were more than the limited pool of > volunteer LTSP developers could handle at the time. > > I think we need to be clear about what's "Ubuntu" and what's upstream. > Ubuntu, the distro, reported a security flaw in LTSPFS. LTSP's response > was to completely re-work LTSP, in essence, producing a whole new > version. One that was almost impossible to backport into the distro. > This is simply an outcropping of the policy of "The release in the > distro should stay constant.". > > Hope this, if nothing else, provides some historical background. > > Cheers, > Scott > > -- Jordan Erickson Owner, Logical Networking Solutions http://www.logicalnetworking.net 707-636-5678 Latest LNS Blogs - http://blogs.logicalnetworking.net Intel and HP team up to roll out Green PCs for the enterprise Mozilla Thunderbird Add-on "Signature Switch" Will "Windows 7" be another Mojave Experiment? -- LTSPFS security is broken https://bugs.launchpad.net/bugs/133635 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
