#1876 closed enhancement (fixed)
shutdown proxy servers
| Reported by: | Antoine Martin | Owned by: | Antoine Martin |
|---|---|---|---|
| Priority: | major | Milestone: | 2.4 |
| Component: | server | Version: | 2.3.x |
| Keywords: | Cc: |
Description
Sometime after 1.0 we allowed any authenticated user to shutdown the proxy server, which wasn't right. r19616 fixes that.
Problem is that we may still want to shutdown the proxy server without killing it.
This would require differentiating which connections are allowed to do this, and with what credentials.
Change History (2)
comment:1 Changed 3 years ago by
| Milestone: | future → 2.4 |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
comment:2 Changed 9 months ago by
this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/1876
Note: See
TracTickets for help on using
tickets.
copyleft 2010 - 2021
Done in r20500: only authenticated connections can shutdown the proxy server, and only if it is not running as root.
This can still be overriden with:
XPRA_CAN_STOP_PROXY=0 xpra proxy ...(or enabled for root with value 1)
As of r20512, this is restricted to just 'named-pipe' and 'unix-domain' connections. (and this can be overriden, ie:
XPRA_STOP_PROXY_SOCKET_TYPES=tcp)