Thoughts on Security

Session Database Backends

PostgreSQL

SQLite

X2Go client-side Printing

Might be exploited if someone becomes x2goprint-user
  1. X2goServer == CUPS Server, latest implementation (as of 20110909):
    1. cups-x2go CUPS backend runs as root
    2. as root the backend launches x2goprint (without sudo!!!)
    3. x2goprint script changes ownership of the PDF file and pushes it into the SSHFS share towards the X2Go client.
      • When using X2Go printing locally (X2Go server == CUPS server), security (sudo) is not an issue any more(?)
        • Nope, it still is (not a big one, though): using CUPS, the user can easily be faked, allowing someone to fill someone else's quota or print at their home printer.
  2. X2goServer != CUPS Server:
    1. The CUPS server connects to the X2Go server as x2goprint-user using SSH key authentication.
    2. x2goprint-user executes sudo to change the ownership of the PDF file and pushes it into the SSHFS share towards the X2Go client.
      • This script can currently be exploited.
      • If someone becomes x2goprint he might become root.

Possible solution 1

Possible solution 2

Pulseaudio

No known exploits / Privacy issues

Solution for privacy

Morty: I looked into this recently (End of 2011). Unfortunately, due to the buffering done on the server, this might start to “swing” (playback getting faster and slower again and again).

X2Go Agent