Package: ltsp Version: 5.0.40~bzr20080214-1~40.etch.0 Severity: critical X connections to :6 on LTSP clients are possible from any machine on the network.
Some notes: - LDM_DIRECTX = False or True does not change anything - on the client, X is running with the '-auth /root/.Xauthority' flag. However, /root is mounted ro by default. Adding it to copy_dirs in /etc/default/ltsp-client-setup allows .Xauthority to be generated, but X connections are still possible. - using iptables rules, we could at least restrict access to the terminal server best, -Christian -- Dr. Christian Herzog e-mail: [EMAIL PROTECTED] IT Systems Specialist voice: +41 44 633 3950 Department of Physics office: HPR E86.1 Swiss Federal Institute of Technology 8093 Zurich, Switzerland -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
