From mike.gabriel@das-netzwerkteam.de Tue May 15 14:01:15 2018 Received: (at 1295) by bugs.x2go.org; 15 May 2018 12:01:18 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.1 required=3.0 tests=BAYES_00,RDNS_NONE, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.1 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 96B995DAE9 for <1295@bugs.x2go.org>; Tue, 15 May 2018 14:01:15 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TCb9OYTJwL0X for <1295@bugs.x2go.org>; Tue, 15 May 2018 14:01:09 +0200 (CEST) Received: from fregna.das-netzwerkteam.de (unknown [IPv6:2a01:4f8:202:1381::1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 7FF665DACE for <1295@bugs.x2go.org>; Tue, 15 May 2018 14:01:09 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [148.251.201.105]) by fregna.das-netzwerkteam.de (Postfix) with ESMTPS id 6441560532; Tue, 15 May 2018 12:01:09 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 55420C47EC; Tue, 15 May 2018 14:01:09 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IrxnJSCypNRW; Tue, 15 May 2018 14:01:03 +0200 (CEST) Received: from das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id D0AE6C47EA; Tue, 15 May 2018 14:01:03 +0200 (CEST) Received: from bifrost.das-netzwerkteam.de (bifrost.das-netzwerkteam.de [178.62.101.154]) by mail.das-netzwerkteam.de (Horde Framework) with HTTPS; Tue, 15 May 2018 12:01:03 +0000 Date: Tue, 15 May 2018 12:01:03 +0000 Message-ID: <20180515120103.Horde.J-atjJEMwEJEk_ujSVdemdf@mail.das-netzwerkteam.de> From: Mike Gabriel To: Walid MOGHRABI , 1295@bugs.x2go.org Subject: Re: [X2Go-Dev] Bug#1295: x2goclient/broker mode : don't close on suspended session with --close-disconnect References: <1577747420.29014986.1525874065272.JavaMail.root@servicemagic.eu> <386210362.29017491.1525874443782.JavaMail.root@servicemagic.eu> In-Reply-To: <386210362.29017491.1525874443782.JavaMail.root@servicemagic.eu> User-Agent: Horde Application Framework 5 Accept-Language: de,en Organization: DAS-NETZWERKTEAM X-Originating-IP: 178.62.101.154 X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 Content-Type: multipart/signed; boundary="=_kFyUyOxNCD5hccLdzezhhcP"; protocol="application/pgp-signature"; micalg=pgp-sha256 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_kFyUyOxNCD5hccLdzezhhcP Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Walid, On Mi 09 Mai 2018 16:00:43 CEST, Walid MOGHRABI wrote: > package: x2goclient > version: 4.1.2.0-0~1750~ubuntu16.04.1 > priority: bug > > In broker/tce mode, when I connect a new session on TCE-CLIENT-1, if=20= =20 >=20I live migrate the running session on TCE-CLIENT-2, the session is=20= =20 >=20detached from client 1 to client 2 correctly (suspended on client 1=20= =20 >=20and correctly resumed on client 2) but x2goclient doesn't close=20=20 >=20itself on client 1 once session is detached. This per se is a bug, as --close-disconnect fails. > The client stays opened on the sessions profiles list with the=20=20 >=20currently logged in user instead of closing itself and getting back=20= =20 >=20to the broker login prompt. I think --close-disconnect is not what you want. You want --broker-autologo= ff. > This is a major security issue since anyone can then just click on a=20= =20 >=20session profile to connect with the current user credentials. Understood. However, please check if you can achieve the correct=20=20 behaviour=20with --broker-autologoff. It saves you the X2Go Client=20=20 restarts=20on session logout. Mike --=20 DAS-NETZWERKTEAM mike=20gabriel, herweg 7, 24357 fleckeby mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de --=_kFyUyOxNCD5hccLdzezhhcP Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIzBAABCAAdFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAlr6y/8ACgkQmvRrMCV3 GzHhwg/+LBGGUPcM4ex4Mj9qsVvZM4GEF2878tsii/HAvUyLpPZsYGpQ3EZnIsMn lP5RNyTM7IpZuP/olGUMMmkqsA8H2NXLOlEQv3NIBAhARDx/++Xny1nJbUn5Ucva XygdqGAtyEyuecNXFkmj+LmWXz3L+AstKcDISZcfaoAfFO2twwOoDWFfGn0vvVly rrUoHzo+0VT8G8n89kwhBRercrzEljDhsVsWl2Wq/tx1zjUtN+9LRk/2LUpHu3MZ Szguz0xZdV/0qmnX71+E22VsfRytVF23GSh8ugHnq72IpjOQHg4KB5kMSbwBU3/T NbYOjvMq0t65Ue1gmbWfqOOgjvGMYCZuFeegeNbEggV2qdWmt15U6SqDX4acGXEo 7yJsLUNLVZg9KLgc0kcZ+doYuQ22NI5ZHvNLQ7+WLDHFDBDsj/7Ssh6zZdurjO6+ M6pJZLwhoU15fvWWtQ6RVm33T/7PzRXALroi8G4nkKfuhrtfKMKQNs6tjnTWdkby beob8rs/rbHnPTFFQG/Pcq0Ry8my2AYVAQBrZrh3Wy7Q7ZYZz3nySj0oAAaygyUK G7C3wQcD28UluSLBsV0ubLU09LibAbi0TUv1KBB2P2oDz2PXO7iHyOE7rm13ectF Nx50m9rsqFlJPEZCADAA3fdoUGpOeSEgkuMfV39iiVwIZxA6L5E= =zfCA -----END PGP SIGNATURE----- --=_kFyUyOxNCD5hccLdzezhhcP--