Hi Ben On Do 17 Jul 2008 04:41:54 CEST Ben Cooksley <sourtooth@gmail.com> wrote:
I recently noticed that the italc client is being started as the user that logged in, and this allowed them to kill the italc client and escape my control. i traced the problem and found that you have switched to using /etc/sysconfig/ica instead of patching the /etc/X11/xdm/Xsetup script. I also noticed that it no longer runs at the logon screen. both features ( running at the logon screen, inability to kill italc for users ) are very important to me, especially the users inability to kill the italc client. Is there any hope that this situation will change in the future, or are there workarounds to stop users from killing the italc client?
Even with patching /etc/X11/xdm/Xsetup, users can kill the client - so the switch to a "non destructive" setup doesn't hurt in this case. So users are able to kill the client - but this is IMO something which can be handled "outside" the computer via face to face communication... But: I think we can switch to use the xauth-cookies and start the client as root - using the authority files for the users desktop. The problem: that's something completely new for me and I have to investigate some time to get this up and running even for multiple users on a Terminalserver. (Any help welcome ;-) So the "security" problem is nothing new in the end - and a solution can be provided in the near future. Until then, a teacher already noticed that a user has killed the ica client - so think of it like an attempt to deceive... With kind regards, Lars -- To unsubscribe, e-mail: opensuse-edu+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-edu+help@opensuse.org