*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: vinagre
When a user is logged in, I can enable the remote desktop AND disable
the 'you must confirm each access to this machine' without being asked
for a password.
In this way, I can change the settings when the user is logged in (I use
auto-login in ubuntu, so that's very easy), get his/her ip adress and
sneak into this machine when the machine is online, without any
knowlegde from the user!
shouldn't there be asked for the root password for security?
** Affects: vinagre (Ubuntu)
Importance: Undecided
Status: New
** Tags: security vinagre
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/686535
Title:
vinagre should ask root password to make changes in settings
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
