From nable.maininbox@googlemail.com Tue Jul 2 10:01:34 2013 Received: (at 258) by bugs.x2go.org; 2 Jul 2013 08:01:35 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from mail-bk0-f49.google.com (mail-bk0-f49.google.com [209.85.214.49]) by ymir (Postfix) with ESMTPS id C2BD95DA79 for <258@bugs.x2go.org>; Tue, 2 Jul 2013 10:01:34 +0200 (CEST) Received: by mail-bk0-f49.google.com with SMTP id mz10so2104416bkb.8 for <258@bugs.x2go.org>; Tue, 02 Jul 2013 01:01:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=x1lU4PCUzL7sk58vQbp3HtoUdCXWj2uvN5mrDMowh/U=; b=iNK4WCUxrMbZghyg7pFIZ3Ly9mYf93o1c6tVUnhriL+h1B/DacBHAPfy5d2sFowNrB BUVwjT69pqMiqbbmiLFiQCnnFIYcvrPaZycrs40YsIFnkLX+xHttMlXwRZkzaP8sYN1t hCazZY5EvKGl/Z2igShTP3sp0xFQqN1qyNDyoShAG6Zf4n/XkMwD0HW6MUonHPBpjryS VV7RqScRZGPfyUhSwCdI7M656WuFcBJaG1t2ktlSemydQhM7KYeipA+TOtKowBi2csE6 CBNNEWM5G4gclATKd5oYxW3VP/7GxjQ/AGDFlZpQSDVhYhtbJW37lFAg6lrz1xobNBgy TEVw== MIME-Version: 1.0 X-Received: by 10.204.227.81 with SMTP id iz17mr3550115bkb.157.1372752094358; Tue, 02 Jul 2013 01:01:34 -0700 (PDT) Received: by 10.204.235.194 with HTTP; Tue, 2 Jul 2013 01:01:34 -0700 (PDT) In-Reply-To: References: <1372646308.18508.2.camel@heisenberg.scientia.net> <20130701114356.GP2447@cip.informatik.uni-erlangen.de> <1372682609.25918.14.camel@heisenberg.scientia.net> <20130701140132.GQ2447@cip.informatik.uni-erlangen.de> <1372728469.11367.26.camel@fermat.scientia.net> Date: Tue, 2 Jul 2013 12:01:34 +0400 Message-ID: Subject: Re: [X2Go-Dev] Bug#258: Bug#258: Bug#258: Bug#258: SECURITY: x2goclient allows clipboard sniffing From: Nable 80 To: Christoph Anton Mitterer , 258@bugs.x2go.org, x2go-dev@lists.berlios.de Content-Type: text/plain; charset=ISO-8859-1 Sorry, quickfix: s/implicitly/explicitely/ 2013/7/2, Nable 80 : > Hi, Chris. > >> So it directly goes into the local X server? >> Wow... that's awful... like a security nightmare... > Then, you don't use ssh -X/-Y, do you? > >> And people don't see x2go (or VNC, or rdp) like a direct access >> to their X server (as in plain X forwarding with xauth and that like). > Why do you think so? Because they have it in window and didn't specify > any option that exactly means 'turn on X11 forwarding'? > After all, I think that it's not a grave issue as most people use X11 > forwarding for rather trusted hosts (or just don't care). > > One additional note: it's possible to turn on clipboard forwarding in > RDP and VNC (and it's a very useful thing) but AFAIR in most clients > _one have to specify it implicitly_ (and sometimes there's a separate > option that allows some restricted clipboard access, for example: > copying from remote to local but not vise versa). May be someone will > make a patch to implement such options in X2Go. > _______________________________________________ > X2Go-Dev mailing list > X2Go-Dev@lists.berlios.de > https://lists.berlios.de/mailman/listinfo/x2go-dev >