Hi Stefan, On Fr 07 Nov 2014 00:50:55 CET, Stefan Baur wrote:
Package: x2gobroker Severity: wishlist Please add a prominent note to x2gobroker's man page that it is *not* intended as a security feature - a user can still launch x2goclient without the broker parameter and set it to run any executable the user has exec permission for on the server. As always, group membership and file permissions *MUST* (MUST as defined in RFC2119 https://www.ietf.org/rfc/rfc2119.txt) be used to limit a user's access to executables on the server. - -Stefan
Do you think you could write down such an additional note for the man page and send it back to this bug (in plain text)?
I will work that text into the man page then. Thanks, MikePS: if you will, tag this bug with "patch" once you have sent that text passage...
-- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: [email protected], http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
pgpYgaqnT_W05.pgp
Description: Digitale PGP-Signatur
_______________________________________________ x2go-dev mailing list [email protected] http://lists.x2go.org/listinfo/x2go-dev
