xpra icon
Bug tracker and wiki

Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#1939 closed task (fixed)

reduce the amount of information exposed by the proxy via dbus GetInfo

Reported by: Antoine Martin Owned by: Antoine Martin
Priority: major Milestone: 2.4
Component: server Version: 2.3.x
Keywords: Cc:

Description (last modified by Antoine Martin)

This was flagged as a potential issue during Bug 1102836 - AUDIT-0: xpra: suse-dbus-unauthorized-service org.xpra.Server a security review of xpra for packaging into suse.

FWIW: all the information exposed should normally already be accessible to all users on the system, but it is possible that we expose some internal attributes that should not be - difficult to tell, so let's err on the side of caution.

Change History (1)

comment:1 Changed 2 years ago by Antoine Martin

Description: modified (diff)
Resolution: fixed
Status: newclosed

Done in r20186, r20187 backport for the v2.3.x branch.

Version 1, edited 2 years ago by Antoine Martin (previous) (next) (diff)
Note: See TracTickets for help on using tickets.