The solution to this is to NOT make the xterms mount the users' homes. This is both not necessary and a security breach. Use xdm on the server to control the xterm display. This way users don't need to run anything in the local machine, and the server does not export the filesystems. Some of our machines are also used to run numerical jobs by certain users. These can log in in the machine, but not directly; they have to log in the server, and do ssh to the xterm. There's a special directory that's exported to the xterms, and the user can choose which files he puts there. In this way if the xterm is rooted the attacker will only have access to this directory, not the user's home. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
- Problems with root on network clients Alex Pires de Camargo
- Re: Problems with root on network clients Charles Goyard
- Re: Problems with root on network clients Ted Cabeen
- Re: Problems with root on network clients Tollef Fog Heen
- Re: Problems with root on network clients Philippe Barnetche
- Re: Problems with root on network clients Ethan Benson
- Re: Problems with root on network clien... Brad Allen
- Re: Problems with root on network c... Ethan Benson
- Re: Problems with root on netw... Tollef Fog Heen
- Re: Problems with root on netw... Carlos Carvalho
- Re: Problems with root on netw... Brad Allen
- Re: Problems with root on netw... Giacomo Mulas
- Re: Problems with root on network c... Daniel Jacobowitz
- RE: Problems with root on network clients Alex Swavely
- Re: Problems with root on network clients J-E.Schulz
- Re: Problems with root on network clients Brad Allen
