Hi Morty, On Mo 18 Jul 2011 19:08:50 CEST Moritz Struebe wrote:
Hi there. On 2011-07-18 17:12, Moritz Struebe wrote:Should be possible using the group-S-bit -> keep the user, but make the database writeable to the x2gouser-group.I just had a chat with Arw, and this is the way to go.
I had though so already, but my tests with that currently fail. Probably be problem that sits in front of the screen. Will test some more...
But we must check that x2gouser is the only user in the x2gouser-group. (I think checking this in the perl-script should be secure enough, as nobody is just added to that group - and if someone is, x2go stops working - so someone will notice, that something is going wrong - and he cant change the script, as he does not own it).
Ok, got that...
I don't remember, but was it the x2gouser or the x2gousers groups everybody got added to in the old installer-scripts? If it was x2gouser, the new installer should probably remove everyone....
What about the real user vs. effective check in the x2gosqlitewrapper.pl script. The setgid bit does not change the effective user, only the effective group. Is there a similarly easy check for that in Perl?
Thanks, Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: [email protected], http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
pgpOwc8r9rfkm.pgp
Description: Digitale PGP-Unterschrift
_______________________________________________ X2go-Dev mailing list [email protected] https://lists.berlios.de/mailman/listinfo/x2go-dev
