Extent of Citrix Receiver access to local resources

0

My partner's IT department told her that they "can see everything happening on your computer".

Obviously a remote desktop client is going to capture keyboard and mouse, and could proxy local resources, but I should have thought there would be some mechanism for the user to manage access to local resources.

A cursory inspection of the Citrix client UI didn't reveal anything pertinent, so I looked to Bing and Google. Unfortunately, if there's anything out there on the topic of protecting the client from the server, it's buried in an avalanche of material on protecting the server from the client.

Can anyone shed some light on this subject? If nothing else I could always sandbox Citrix with a VM, but that's a little heavy handed.

Peter Wone

Posted 2016-02-09T10:22:13.143

Reputation: 149

Answers

0

Depending on the version of the OS, Windows (or RDP to be more precise) supports a feature called "shadow session": https://technet.microsoft.com/en-us/library/cc772355.aspx

This shadow session allows an administrator to "shadow" a particular session ("they can see everything happening on the computer") - as long as they know the session number and can login to the machine (which they can since they are administrators).

This feature was available in 2008/R2 (at the kernel level), removed in 2012, came back in 2012R2: https://blogs.technet.microsoft.com/askperf/2013/10/22/windows-8-1-windows-server-2012-r2-rds-shadowing-is-back/

cdavid

Posted 2016-02-09T10:22:13.143

Reputation: 845

Asked: 2016-02-09T10:22:13.143

Viewed: 106 times

Active: 2016-02-09T20:05:07.927