X2Go Bug report logs -
#30
http broker client in X2Go Client: setpass task does not require old password
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>
:
Bug#30
; Package x2goclient
.
(Sun, 16 Sep 2012 08:03:01 GMT) (full text, mbox, link).
Acknowledgement sent
to Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
:
New Bug report received and forwarded. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>
.
(Sun, 16 Sep 2012 08:03:01 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: x2goclient
Severity: important
Version: 3.99.3.0-prerelease
Hi Alex,
The current implementation of the http session broker code in X2Go
Client has a task called setpass.
From reading the code of the example session broker you sent me some
weeks ago and from looking at the X2Go Client code in
httpbrokerclient.cpp you do not request the user to enter his old
password before changing it to a new password.
From my perspective this is a no-go feature and it should be changed
to something that also PAM and other passwd tools would do. Request
the old passwd, set the new password (twice on the GUI).
Even if there is an authentication happening prior to changing the
password, the old password should be queried again, before a password
change is possible.
With x2gobroker in Git, I I would like to work in this direction and
we will need an adaptation in X2Go Client sooner or later, I guess.
Greets,
Mike
--
DAS-NETZWERKTEAM
mike gabriel, rothenstein 5, 24214 neudorf-bornstein
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
[Message part 2 (application/pgp-signature, inline)]
Information forwarded
to x2go-dev@lists.berlios.de, X2Go Developers <x2go-dev@lists.berlios.de>
:
Bug#30
; Package x2goclient
.
(Fri, 21 Sep 2012 21:18:12 GMT) (full text, mbox, link).
Acknowledgement sent
to <jameswille@capitalmanagementlenders.com>
:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.berlios.de>
.
(Fri, 21 Sep 2012 21:18:12 GMT) (full text, mbox, link).
Message #10 received at 30@bugs.x2go.org (full text, mbox, reply):
Hi,
I hope this e-mail message finds you in good health and please pardon my letter of intent if it did intrude on your privacy. Your contact is based on directive from a private client Mr. John Tsang Chun-wah, based in Hong Kong who intends to invest in your Country. Your high profile position has attracted him and suits his demand. He needs someone with vast experience and capability to handle a good investment portfolio. Figures will be discussed with you as we proceed.
My client seeks to invest in public and private securities in a broad range of areas including real estate, energy, oil and gas, emerging markets and high-technology. Within the technology sector, he focuses on communications, software and digital content and services.
Following the present financial meltdown and weak economic situation in Europe, my client wouldn't want to lose his entire investments in Europe; he wishes to move them to your Country of residence with you as the investment manager. This involves bonds with HypoVereins (UniCredit) Group and La Caixa Bank of Spain.
If this is of interest; kindly provide me with your direct telephone and fax number to ease communication.
Regards,
James Willeford
President.
Capital Management Lenders
Send a report that this bug log contains spam.
X2Go Developers <owner@bugs.x2go.org>.
Last modified:
Thu Nov 21 13:51:44 2024;
Machine Name:
ymir.das-netzwerkteam.de
X2Go Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.