0

I would like to understand how the following problem is technically possible:

In my company, we have a machine which I and several colleagues connect to. I regularly use x11 forwarding when I connect via SSH. (I receive the data with XQuartz on MacOS.) Today my colleague has connected to the machine via RDP and there, surprise, XQuartz opened the menu of Linux Mint, the OS of the machine, on my computer.

I realize that it is not my session that I control, but that of my colleague. Which is obviously a huge security problem.

How is this possible? Has something been misconfigured?

mentallurg
  • 8,536
  • 4
  • 26
  • 41
Hantlowt
  • 1
  • 2
  • How exactly do both of you log in into the machine? This is a different machine with maybe separate users, so maybe you connect to the same user account? – Steffen Ullrich Sep 01 '22 at 09:29
  • We have different accounts for this common machine. It was his session from this computer that has been redirected to my "personal" computer. – Hantlowt Sep 01 '22 at 09:32
  • Could you better describe the RDP/X11 relationship? What RDP server are you running? Please specify the exact path and software used by you and your colleague to this server. – Adam Katz Sep 01 '22 at 17:20
  • We can log to this machine by SSH or RDP. My colleague prefers to use RDP, so he uses the internal Windows client for the remote desktop, and me, i'm using SSH (with x11 forwarding) on MacOS. – Hantlowt Sep 02 '22 at 07:39

0 Answers0