X2Go Bug report logs - #405
x2gomountdirs/sshfs hangs indefinitely if

version graph

Package: x2goserver; Maintainer for x2goserver is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goserver is src:x2goserver.

Reported by: "Roger D. Serwy" <roger.serwy@gmail.com>

Date: Tue, 21 Jan 2014 06:45:02 UTC

Severity: grave

Tags: confirmed, pending

Fixed in version 4.0.1.19

Done: X2Go Release Manager <git-admin@x2go.org>

Bug is archived. No further changes may be made.

Full log


Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):

Received: (at submit) by bugs.x2go.org; 21 Jan 2014 06:40:05 +0000
From roger.serwy@gmail.com  Tue Jan 21 07:40:04 2014
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM,
	T_DKIM_INVALID autolearn=ham version=3.3.2
Received: from mail-ig0-f175.google.com (mail-ig0-f175.google.com [209.85.213.175])
	by ymir (Postfix) with ESMTPS id B3BA35DB16
	for <submit@bugs.x2go.org>; Tue, 21 Jan 2014 07:40:03 +0100 (CET)
Received: by mail-ig0-f175.google.com with SMTP id uq10so10010425igb.2
        for <submit@bugs.x2go.org>; Mon, 20 Jan 2014 22:40:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=message-id:date:from:user-agent:mime-version:to:subject
         :content-type:content-transfer-encoding;
        bh=padCO4g1/z+TPjEXaHrhsvMLcp+xTDR4XtLv61ZLKDM=;
        b=Lyze8LfRQt2x/06vXtQOXycNm3xgTstOK9cXq5+TOXyrdyX0qH6gpt9Lhn6I7Sn3/G
         I7Y/lgfF9GSvAqTtCQBY+Xs49EVbrG6gXSC6sS1euhj3yfef1LTwahC9vVIxJnneoRkE
         KMzdr310/BVmlscYXdlIXAfdBdSGZj6FGghn2YhS/SJGcafaJrPIneKtot5vaPdFSH5E
         zWGIIKy9LgEdYIVOgVepYMdwQ03N7bp/cDQhrzky5VsuHXQqI4Old8ZXCnaBEiN1WzZ1
         YTX64K/HrHcSbL8oMEfB91VMcZObsm/CA2Jr5nFdZR8oLgQxlEgjxAGtp2W9OXkl8pk4
         XS+g==
X-Received: by 10.51.17.101 with SMTP id gd5mr16252699igd.25.1390286402161;
        Mon, 20 Jan 2014 22:40:02 -0800 (PST)
Received: from [192.168.2.6] (99-4-166-139.lightspeed.caryil.sbcglobal.net. [99.4.166.139])
        by mx.google.com with ESMTPSA id h6sm9091450igy.8.2014.01.20.22.40.01
        for <submit@bugs.x2go.org>
        (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
        Mon, 20 Jan 2014 22:40:01 -0800 (PST)
Message-ID: <52DE1642.1090802@gmail.com>
Date: Tue, 21 Jan 2014 00:40:02 -0600
From: "Roger D. Serwy" <roger.serwy@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: submit@bugs.x2go.org
Subject: x2goclient pollutes ~/.ssh/authorized_keys
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Package: x2goclient
Version: 4.0.1.2
Severity: Grave

I am using ArchLinux Linux 3.12.6-1-ARCH #1 SMP PREEMPT Fri Dec 20 19:39:00 CET 2013

When "Client side printing support" is enabled, x2goclient appends an entry to ~/.ssh/authorized_keys.
Worse, these entries are not removed when exiting x2goclient.

This is a security risk, as the user did not intend to allow permanent access to that particular key,
especially when the client computer runs an OpenSSH server.

Performing chmod -w ~/.ssh/authorized_keys and then running x2goclient with client side printing gives
an error message: "Unable to write : /home/serwy/.ssh/authorized_keys". This message is generated
in void ONMainWindow::startX2goMount() at line 8867 in onmainwindow.cpp.

x2goclient shouldn't need to write to ~/.ssh/authorized_keys.

Regards,
Roger Serwy






Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Sat Nov 23 21:15:12 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.