Hi Stefan,

On  So 08 Dez 2013 21:10:57 CET, Stefan Baur wrote:

> Am 08.12.2013 21:05, schrieb Nable 80:
>> One should notice that without root ( who would give root access to
>> generic employee? except (possibly) on his workstation) you still
>> cannot access other users' cookies (except cases when one have too
>                                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> wide permissions or known vulnerabilitites with privelege escalation),
>   ^^^^^^^^^^^^^^^^
>> so you cannot grab their X sessions, can you?
>
> And here we are again at "Hey, $FOO doesn't work, I'll just do chmod  
> -R 777 * and see if that makes it work."
>
> Plus, the rogue employee may as well be the admin, and thus have  
> root rights on the machine where you're logged in.
>
> -Stefan

For X2Go we must assume that the root user is a trustworthy person.  
Otherwise we are completely lost.

Mike


-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb