Am 19.02.2012 21:14, schrieb Milan Knížek: > Hello list! > > I am a bit confused re. the discrepancy between wiki and actual > behaviour of x2godesktop sharing: > > x the wiki [1] reads that > With the desktopsharing function of X2go you can have full-access > the desktop from somebody else... > > x when I (USER_B) connect from a remote machine with x2goclient to > "local desktop" (USER_A logged in on tty7 of x2goserver), the > USER_A's session is shown in the lists of sessions available for > sharing, however the button "Full Access" is greyed-out and cannot be > clicked. So USER_B is only allowed to view the USER_A's deskto. > > x having looked at x2godesktopsharing.git/sharetray.cpp, I can see that > this is due to "bShadow->SetEnabled ( user==getCurrentUname() );" and > have verified that the following patch removes the limitation: > > === > --- onmainwindow_part2.cpp<---->2011-11-25 13:08:10.000000000 +0100 > +++ onmainwindow_part2.cpp_mod<>2012-02-19 19:50:36.200838546 +0100 > @@ -1132,7 +1132,7 @@ > index.row(), > D_USER ).data().toString(); > bShadowView->setEnabled ( true ); > - bShadow->setEnabled ( user==getCurrentUname() ); > + bShadow->setEnabled ( true ); > } > } > > === > > Is this intentional behaviour due to the potential security issues > mentioned here [2] (anyway, the remote user _can_ recompile the > x2goagent to get rid of the limitation)? > > > [1] http://www.x2go.org/wiki:components:desktop-sharing#usage > [2] > http://comments.gmane.org/gmane.linux.terminal-server.x2go.devel/2437 > > Regards, > Milan > >
I have disabled it, because in my opinion, security risk was just to high. At the moment, user can get full access only if connecting to his own desktop. Actually, removing such check in x2goclient should not do anything. This check is also included in x2gostartagent. Anyway, if in future we want to enable such feature, we should also modify x2godesktopsharing and ask user if he give to other people a full or "only view" access. With big, fat, red warning. regards -- Oleksandr Shneyder Dipl. Informatik X2go Core Developer Team email: oleksandr.shney...@obviously-nice.de web: www.obviously-nice.de --> X2go - everywhere@home
signature.asc
Description: OpenPGP digital signature
_______________________________________________ X2Go-Dev mailing list X2Go-Dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-dev