From mike.gabriel@das-netzwerkteam.de Wed Apr 1 16:56:19 2015 Received: (at 665) by bugs.x2go.org; 1 Apr 2015 14:56:20 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 3F2A15DAD1 for <665@bugs.x2go.org>; Wed, 1 Apr 2015 16:56:19 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id 15DD619FF; Wed, 1 Apr 2015 16:56:19 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id CF0CA3BFE1; Wed, 1 Apr 2015 16:56:18 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8HdPsFvGh7xB; Wed, 1 Apr 2015 16:56:17 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id 041BB3C1C8; Wed, 1 Apr 2015 16:56:17 +0200 (CEST) Received: from bifrost.das-netzwerkteam.de (bifrost.das-netzwerkteam.de [178.62.101.154]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Wed, 01 Apr 2015 14:56:16 +0000 Date: Wed, 01 Apr 2015 14:56:16 +0000 Message-ID: <20150401145616.Horde._xIqkyXSMp9TK3X8o_Xu0w9@mail.das-netzwerkteam.de> From: Mike Gabriel To: Stefan Baur , 665@bugs.x2go.org Subject: Re: [X2Go-Dev] Bug#665: security improvement for x2gobroker In-Reply-To: <545C085A.2020308@baur-itcs.de> User-Agent: Internet Messaging Program (IMP) H5 (6.2.2) Accept-Language: de,en Organization: DAS-NETZWERKTEAM X-Originating-IP: 178.62.101.154 X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0 Iceweasel/32.0 Content-Type: multipart/signed; boundary="=_GD9dv_7LSsup_Im5v5xF_w2"; protocol="application/pgp-signature"; micalg=pgp-sha1 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_GD9dv_7LSsup_Im5v5xF_w2 Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Stefan, On Fr 07 Nov 2014 00:46:34 CET, Stefan Baur wrote: > Package: x2gobroker > Severity: wishlist > > Feature Request: > Save temporary x2goclient_authorized_key to a tmpfs to ensure safe > removal/destruction of file in case of system crash. > Note: This may require a SELINUX config change. > > (Bug filed on behalf of Mike#1) > I looked into this today. This is configurable in=20=20 /etc/x2go/x2gobroker.conf=20on the broker side and in each X2Go Server's=20= =20 /etc/ssh/sshd_config=20file. See latest /etc/x2go/x2gobroker.conf for details [1]. Mike [1]=20=20 http://code.x2go.org/gitweb?p=3Dx2gobroker.git;a=3Dblob;f=3Detc/x2gobroker.= conf;h=3D11cb0eadb493ceb0976bce53795da73c466eb832;hb=3D80b1acb82639467ff857= 37cdfc5500535ad92afc#l130 --=20 DAS-NETZWERKTEAM mike=20gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x= fb --=_GD9dv_7LSsup_Im5v5xF_w2 Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABAgAGBQJVHAcPAAoJEJr0azAldxsx29cP/ixSRwCckVUeqPeUusmvKdQR 1yKplgYBy/EuaRw6I07ueW+xPS4CkkZi60SfVBwmlEHNIPFBSbVxIO4JJm6Qlk15 8bUgsCPX/wTFPi0+9gf6thqryBT+C5X6aVGHo4RQbx3GgVEv3WTgto+HdAtS2td3 MtnN9jZb/olgdWkk/lJ0YTiiXGNMvAu4cr93yx9icU1cvbxQgFo7RtUxDkYzvI4c mAzpXwANUzLJDB3zPCia02bfDv/c4moJ90A0l/truL8L7smHzhMg20LAJcnJGxWI 4FJqBz2i9zTONyz46F1RP6oJzEO0j4Z+N32+pdxZFEuHLCaXBpTnlf+Rpl0nl5i5 Y1WS6Cgc5o8sazYQvJyMWAJL3PSRUKphUj0thYAX4RK3QDtX0hnSru+aeg/QCvn8 jvhlQbRApuA91x4hAs5lwVqjaeP/g86l+QZKvmN1dX8CgtC+dwNQRxdIuPS3Zkjq LO7Y4GDu6AkqhBXWBC53H/rUqCKu70W3gFfuSJ+MaVM9Aw4dCRXLAlTy5h0mHtmG tST2NrZ4M6q+l53SPCJHfKEcrNp9DXOVmGcGiOhLtdbYaxQqVq0CiTyE3qLz5RKl gfVJWrL/iFvwVzoKfYpWORYYXwvNJmvL0at8OX6/ZkFBcXwAughG6JMxsReCIaoF 3+1+lb2jMLi6f3AeBwf3 =ckJh -----END PGP SIGNATURE----- --=_GD9dv_7LSsup_Im5v5xF_w2--