Package: python-x2gobroker Severity: important Version: 0.0.3.0-preview
Currently, x2gobroker-pubkeyauthorizer received SSH public keys from the X2Go Session Broker. Those key are stored as-is into ~x2gobroker/.ssh/authorized_keys.
However, we need to add a force_command option into those pubkey lines, so that only x2gobroker-agent can be called via X2Go Session Broker.
At the moment user x2gobroker@x2gobroker-machine can issue arbitrary commands on the X2Go Server (which is not really painful, but should be avoided in general).
Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: [email protected], http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
pgpatK2tpRBdB.pgp
Description: Digitale PGP-Signatur
_______________________________________________ x2go-dev mailing list [email protected] http://lists.x2go.org/listinfo/x2go-dev
