desktop-packages team mailing list archive

[Launchpad Bug Tracker <1395727@xxxxxxxxxxxxxxxxxx>]

[Expired for vino (Ubuntu) because there has been no activity for 60
days.]

** Changed in: vino (Ubuntu)
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to vino in Ubuntu.
https://bugs.launchpad.net/bugs/1395727

Title:
  POTENTIAL SECURITY HOLE: App not protected by Sudo

Status in vino package in Ubuntu:
  Expired

Bug description:
  On Ubuntu 14.10, Vino seems to be no longer protected by Sudo or the main Superuser account set-up on the Ubuntu PC, as in anyone can alter the Remote Desktop Sharing settings at any time WITHOUT a password. This of course is more of a workplace vulnerability at first, but could be an internet security issue once the program is setup; Someone needs to physically get their hands on the computer in order to alter the Vino/Remote Desktop Sharing settings, once Vino is setup, all the person needs to do is go to any other computer and access it. Easy as pie.
  Vino needs a patch and Ubuntu needs higher security credentials. Immediately.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.10
  Package: vino 3.8.1-0ubuntu2
  ProcVersionSignature: Ubuntu 3.16.0-24.32-generic 3.16.4
  Uname: Linux 3.16.0-24-generic x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.14.7-0ubuntu8
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Mon Nov 24 08:51:32 2014
  InstallationDate: Installed on 2014-11-08 (16 days ago)
  InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Release amd64 (20141022.1)
  ProcEnviron:
   LANGUAGE=en_US
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: vino
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vino/+bug/1395727/+subscriptions