On 2012-09-04 13:43:55, Ted Gould wrote: > On Mon, 2012-09-03 at 21:34 +0000, Tyler Hicks wrote: > > After reviewing revision 30 in the upstream libpam-freerdp project, a > > privileged kill() of session_pid still exists at the beginning of > > pam_sm_open_session(). All other issues seem to be addressed. Thanks! > > Merge proposal posted: > > https://code.launchpad.net/~ted/libpam-freerdp/unpriviledged- > kill/+merge/122680
Looks good. > > Also, have you confirmed that freerdp-auth-check.c's use of the > > libfreerdp API attempts to negotiate encrypted connections (TLS, > > preferably) to the RDP server by default? I'm still not finding any > > documentation of the API. > > So, it seems that what it does is use what the server asks it to. If > the server has TLS enabled it definitely uses it, and gives cert errors > (we had a misconfigured cert on a test server), but when we disabled TLS > server side it is happy. So does that satisfy "by default" ? Yes. When I said "by default", I meant "does freerdp-auth-check try to use the most secure authentication option supported by the server?". I'm happy from a security standpoint. Thanks for fixing everything so quickly! ACK -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1039634 Title: [MIR] libpam-freerdp To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libpam-freerdp/+bug/1039634/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
