Hi Ted - Thanks for working on addressing the security issues! After reviewing revision 30 in the upstream libpam-freerdp project, a privileged kill() of session_pid still exists at the beginning of pam_sm_open_session(). All other issues seem to be addressed. Thanks!
Also, have you confirmed that freerdp-auth-check.c's use of the libfreerdp API attempts to negotiate encrypted connections (TLS, preferably) to the RDP server by default? I'm still not finding any documentation of the API. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1039634 Title: [MIR] libpam-freerdp To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libpam-freerdp/+bug/1039634/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
