X2Go Bug report logs - #1465
Allow running with restricted shell (rbash), or limit applications that can be run.

version graph

Package: x2goserver; Maintainer for x2goserver is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goserver is src:x2goserver.

Reported by: Vladislav Kurz <vladislav.kurz@webstep.net>

Date: Wed, 22 Apr 2020 16:25:01 UTC

Severity: wishlist

Found in version 4.1.0.3-0~1708~ubuntu16.04.1

Full log


🔗 View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#1465: [X2Go-Dev] Bug#1465: Bug#1465: Bug#1465: Bug#1465: Allow running with restricted shell (rbash), or limit applications that can be run.
Reply-To: Vladislav Kurz <vladislav.kurz@webstep.net>, 1465@bugs.x2go.org
Resent-From: Vladislav Kurz <vladislav.kurz@webstep.net>
Resent-To: x2go-dev@lists.x2go.org
Resent-CC: X2Go Developers <x2go-dev@lists.x2go.org>
X-Loop: owner@bugs.x2go.org
Resent-Date: Mon, 04 May 2020 16:05:02 +0000
Resent-Message-ID: <handler.1465.B1465.15886080482345@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: followup 1465
X-X2Go-PR-Package: x2goserver
X-X2Go-PR-Keywords: 
References: <b0f7f18d-b027-712a-9fec-5b91773d13c0@baur-itcs.de> <2807081.Gr0nKVqjWH@hex> <3d0ec19b-9273-4db0-2363-6ff18a4ebc00@baur-itcs.de> <2807081.Gr0nKVqjWH@hex>
Received: via spool by 1465-submit@bugs.x2go.org id=B1465.15886080482345
          (code B ref 1465); Mon, 04 May 2020 16:05:02 +0000
Received: (at 1465) by bugs.x2go.org; 4 May 2020 16:00:48 +0000
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-0.1 required=3.0 tests=BAYES_40,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham
	autolearn_force=no version=3.4.2
Received: from mail.webstep.net (mail.webstep.net [195.201.172.199])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id B26EE5DAC1
	for <1465@bugs.x2go.org>; Mon,  4 May 2020 18:00:42 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=webstep.net
	; s=dkim; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:
	In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID:
	Content-Description; bh=KRWJHIwGvEEQQ/R3MEGpjEIMgVYpO8VcBIi/f2ZpjgA=; b=ZvkDq
	TdYDxHLqDM4IYIU2A8fjsvTd2GfeYySS/ZHzUVI+TFiEHoQOJTE/VbEhecFObM9k8TfAG78F80gcx
	BEvDycKf7sn3VmzLAOHK6WNj0UuVTTyWvQyRPw/6P90Q+QOqkg6ZYDBqz0wS6VfCR6GEjSBNpV6QM
	WAA36Yaexdh0=;
Received: from ip-89-102-32-92.net.upcbroadband.cz ([89.102.32.92]:60482 helo=hex.localnet)
	by mail.webstep.net with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.89)
	(envelope-from <vladislav.kurz@webstep.net>)
	id 1jVdWM-0005sc-Gr
	for 1465@bugs.x2go.org; Mon, 04 May 2020 18:00:42 +0200
From: Vladislav Kurz <vladislav.kurz@webstep.net>
To: 1465@bugs.x2go.org
Date: Mon, 04 May 2020 18:00:42 +0200
Message-ID: <1869583.Jh6TSF2MMF@hex>
User-Agent: KMail/5.2.3 (Linux/4.9.0-12-amd64; KDE/5.28.0; x86_64; ; )
In-Reply-To: <3d0ec19b-9273-4db0-2363-6ff18a4ebc00@baur-itcs.de>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="UTF-8"
Dne pondělí 4. května 2020 17:01:10 CEST, Stefan Baur napsal(a):
> And here's the next catch: They intend to use Libreoffice as their
> single published application.  Which allows the user to write their own
> macros in Libreoffice Basic.  Which allows them to read binary files and
> do things with them.  Like convert them to a bunch of QR codes and
> display them.  So to do the things that need to be done, they (the
> owners) are depending on an executable which the user can do so much
> more with than they want it to do.  And there's no way to limit that,
> other than to refrain from using Libreoffice as a front-end.
> 
> -Stefan

With full respect to the users, if they were capable of that, they would 
probably be able to write similar spreadsheet from scratch (and have some 
other job).

I know that redesigning the whole calculation as web application would be much 
better. But if protection against 80% of users can be done with 20% effort, I 
would do it. You say that 100 % protection is not possible, so there is no 
reason to do anything...

All I want is to close this one obvious hole:
ssh somewhere "cat file" > file

I cannot remove exec bit from /bin/cat, cause it is required to set up x2go 
session. If the rbash guide I referenced at the beginning worked, this would 
be possible.

Best regards
Vladislav Kurz

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Fri Aug 7 01:22:28 2020; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.