** Description changed: Binary package hint: network-manager dpkg -l network-manager | grep ^ii ii network-manager 0.6.4-6ubuntu4 network management framework daemon Steps to reproduce: Enable XDMCP in the login manager screen ( System - Administration - Login Window ) Restart gdm Create a new totally unprivileged user - sudo adduser foo Login from another machine on the network using xdmcp Right click the nm-applet, disable networking, and the network connection goes down immediately for the host you have logged into remotely. This is a grave flaw. It means *any* user logged in through xdmcp can - bring the network down from the machine that the remote user has logged - in to + bring the network down on the machine that the remote user ( foo) has + logged in to, which may have a number of users remotely logged in at the + time, thus depriving all users of the network of connectivity Notice that this works whether or not tcp connections are allowed through the "remote" dialogues in the login window admin screen
** Description changed: Binary package hint: network-manager dpkg -l network-manager | grep ^ii ii network-manager 0.6.4-6ubuntu4 network management framework daemon Steps to reproduce: Enable XDMCP in the login manager screen ( System - Administration - Login Window ) Restart gdm Create a new totally unprivileged user - sudo adduser foo Login from another machine on the network using xdmcp Right click the nm-applet, disable networking, and the network connection goes down immediately for the host you have logged into remotely. This is a grave flaw. It means *any* user logged in through xdmcp can bring the network down on the machine that the remote user ( foo) has logged in to, which may have a number of users remotely logged in at the - time, thus depriving all users of the network of connectivity + time, thus depriving all users of the network of their connectivity, and + aborting their sessions. Notice that this works whether or not tcp connections are allowed through the "remote" dialogues in the login window admin screen -- network-manager allows an unprivileged user to disconnect the network from xdmcp login https://bugs.launchpad.net/bugs/104173 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
