Hi all,

As those of you who have studied X2Go Server code probably have noticed, X2Go uses the su command quite intensively. The problem about su is that it invokes a subshell whenever it is called. Those subshells are quite difficult to handle without providing space for exploitation.
As su is (in all cases) used to drop privileges from root to a normal user, my suggestion would be exchanging the su calls by sudo calls. (sudo -u <user> <command>). The advantage of sudo: it does not invoke a subshell.
Feedback? Request for comments??? Any other approach thinkable???

Thanks,
Mike

--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
_______________________________________________
X2Go-Dev mailing list
X2Go-Dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/x2go-dev
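
The difference the message describes, as an added example that is not part of the original post and not X2Go code: a command handed to a shell as one string is parsed again, while a command handed over as an argument vector is not. It needs no root, so `sh -c` stands in for the shell that `su <user> -c` starts and a direct `env` exec stands in for `sudo -u <user> <command>`; the function names and sample values are constructed for the illustration.

```sh
#!/bin/sh
# Added illustration, not X2Go code. Runs unprivileged:
#   sh -c STRING        models the shell started by `su USER -c STRING`
#   env CMD ARG         models `sudo -u USER CMD ARG` (argv handed over as-is)

# Pattern 1: the argument is pasted into a command string that a shell parses.
via_shell_string() {
    sh -c "printf '[%s]\n' $1"
}

# Pattern 2: the argument travels as a single argv element, with no shell involved.
via_argv() {
    env printf '[%s]\n' "$1"
}

# Returns 0 when the value arrived at the program as one unchanged argument.
survives() {
    [ "$("$1" "$2")" = "[$2]" ]
}

# Constructed sample values standing in for any caller-supplied string
# (session name, display, path) that ends up on the command line.
compare() {
    for value in 'session-1' 'my session' 'demo; echo INJECTED' 'x$(echo SUBST)'; do
        for path in via_shell_string via_argv; do
            if survives "$path" "$value"; then
                result=intact
            else
                result=REPARSED
            fi
            printf '%-17s %-22s %s\n' "$path" "$value" "$result"
        done
    done
}

compare
```

Only the plain value `session-1` survives the string path; the argv path delivers all four unchanged.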