Your message dated Wed, 26 Mar 2008 15:47:03 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#469462: fixed in ldm 2:0.1~bzr20080326-1
has caused the Debian Bug report #469462,
regarding X access wide open on LTSP clients
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
469462: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469462
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: ltsp
Version: 5.0.40~bzr20080214-1~40.etch.0
Severity: critical
X connections to :6 on LTSP clients are possible from any machine on the
network.
Some notes:
- LDM_DIRECTX = False or True does not change anything
- on the client, X is running with the '-auth /root/.Xauthority' flag.
However, /root is mounted ro by default. Adding it to copy_dirs in
/etc/default/ltsp-client-setup allows .Xauthority to be generated, but
X connections are still possible.
- using iptables rules, we could at least restrict access to the
terminal server
best,
-Christian
--
Dr. Christian Herzog e-mail: [EMAIL PROTECTED]
IT Systems Specialist voice: +41 44 633 3950
Department of Physics office: HPR E86.1
Swiss Federal Institute of Technology 8093 Zurich, Switzerland
--- End Message ---
--- Begin Message ---
Source: ldm
Source-Version: 2:0.1~bzr20080326-1
We believe that the bug you reported is fixed in the latest version of
ldm, which is due to be installed in the Debian FTP archive:
ldm_0.1~bzr20080326-1.diff.gz
to pool/main/l/ldm/ldm_0.1~bzr20080326-1.diff.gz
ldm_0.1~bzr20080326-1.dsc
to pool/main/l/ldm/ldm_0.1~bzr20080326-1.dsc
ldm_0.1~bzr20080326-1_i386.deb
to pool/main/l/ldm/ldm_0.1~bzr20080326-1_i386.deb
ldm_0.1~bzr20080326.orig.tar.gz
to pool/main/l/ldm/ldm_0.1~bzr20080326.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Vagrant Cascadian <[EMAIL PROTECTED]> (supplier of updated ldm package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 26 Mar 2008 06:16:17 -0700
Source: ldm
Binary: ldm
Architecture: source i386
Version: 2:0.1~bzr20080326-1
Distribution: unstable
Urgency: low
Maintainer: LTSP Debian/Ubuntu Maintainers <[EMAIL PROTECTED]>
Changed-By: Vagrant Cascadian <[EMAIL PROTECTED]>
Description:
ldm - LTSP display manager
Closes: 469462
Changes:
ldm (2:0.1~bzr20080326-1) unstable; urgency=low
.
* new upstream:
- use xauth when using unencrypted X sessions rather than disabling access
control restrictions. (Closes: #469462)
- support arbitrary xserver options
- use common X code for ltsp screen script
.
* drop fix-access-control patch (applied upstream)
.
* compatibility with old ltsp versions:
- include modified copies of screen-x-common and ltsp-common-functions
- update old-ltsp-compatibility patch, add old-ltsp-xauth-compatibility
patch to ensure ldm screen script and xauth code works with all ltsp
versions
Files:
422905b3c04caf15ebb530bff22a8fe0 1040 misc extra ldm_0.1~bzr20080326-1.dsc
d17a0043cd996d66f015f7ce37960eb0 447762 misc extra
ldm_0.1~bzr20080326.orig.tar.gz
14528716dd1e592f78c0b4c0142417cc 7107 misc extra ldm_0.1~bzr20080326-1.diff.gz
e1ecd1a01a0d9d2d3f09062a8618efcc 140752 misc extra
ldm_0.1~bzr20080326-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFH6l2LlPc63BPWGpkRAl62AJ9rr1BpKD09NqXG6yFUj4O6ggXDOwCfSbMs
6VVbdhUFWZsPp34gfMAAV6o=
=PvP0
-----END PGP SIGNATURE-----
--- End Message ---
