Hi John, On Mo 25 Jul 2011 12:32:44 CEST "John A. Sullivan III" wrote:
On Mon, 2011-07-25 at 08:32 +0200, Mike Gabriel wrote:Hi Reinhard, On Mo 25 Jul 2011 00:10:03 CEST Reinhard Tartler wrote: > previously, users could create sessions under wrong uids or delete > sessions from other users. This patch implements prevents this by > checking the userid of the caller with the session id. +1 from me... > [... patch ...]<snip> We addressed this a little differently as it is one of the problems we immediately recognized in X2Go two years ago and one of the major modifications we made in our environment.
The script Reinhard modified only concerns SQLite...However, based on the current x2goserver code... if you come up with postgres patches (I strongly guess that you were refering to postgres changes on the x2goserver script) we will be happy to introspect them.
Unfortunately, there has been a complete rewrite of the database scripts of X2go in the meantime, so I suppose your patches that you sent to the ML 1-2 years ago will not apply anymore.
Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
pgpnUC0azRLoZ.pgp
Description: Digitale PGP-Unterschrift
_______________________________________________ X2go-Dev mailing list X2go-Dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/x2go-dev
