On Mon, Apr 13, 2020 at 1:04 PM Slym <guacamole-fo...@slym.fr> wrote:
> In the end I found a better/easier way to do that. > > I'm adding an html file to the container and this webpage is > auto-connecting > and auto-creating connection using the quickconnect extension. > > You just need to pass all the connections parameters in the URL (using same > syntax as quickconnect module). > > I published my image to docker hub : > > https://hub.docker.com/repository/docker/slymsoft/tabasco > <https://hub.docker.com/repository/docker/slymsoft/tabasco> > > Thank you again for your help and time. > > Glad you found a solution. Just to be sure, there are some security implications for using the QuickConnect extension - in particular, you have the potential to give your users the ability to create connections that access portions of the filesystem on which guacd is running. Depending on the user running guacd, this could be *VERY BAD* (e.g., if you do this and run guacd as root, you are basically allowing users to read, write, and otherwise do whatever they like with any file on the system hosting guacd). This is documented in the manual, under the "IMPORTANT" section at the top of the page: http://guacamole.apache.org/doc/gug/adhoc-connections.html Having the system auto-connect is also not a valid defense against this - a user could still make use of the REST API to create a new QuickConnect connection, using whatever parameters they want, and then open that connection despite any of the logic you've provided in HTML files on the home page. Bottom line: use the QuickConnect extension with care. -Nick
