www.cendio.com
Bug 5722 - shadowing normalizes usernames to lowercase for all comparisons
: shadowing normalizes usernames to lowercase for all comparisons
Status: CLOSED FIXED
: ThinLinc
VSM Server
: trunk
: PC Unknown
: P2 Critical
: 4.8.0
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2015-11-23 13:15 by
Modified: 2017-03-21 10:35 (History)
Acceptance Criteria:


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From cendio 2015-11-23 13:15:56
Given users a and A, with /vsmserver/allowed_shadowers=a: 

vsmcommon.py:VSMServerHandler:allowed_shadower will allow A to shadow sessions,
even though the configuration file does not list A as an allowed shadower.
------- Comment #1 From cendio 2016-06-29 10:32:18 -------
Possibly related to bug 2884?
------- Comment #4 From cendio 2017-01-03 11:08:44 -------
Works well now. Tested with both case sensitive and case-insensitive backends.
ThinLinc respects case when the backend does.

Note however that shadowing case-insensitive users is still broken. We probably
need to fix bug 2754 for that.
------- Comment #5 From cendio 2017-01-04 10:39:47 -------
(In reply to comment #4)
> Note however that shadowing case-insensitive users is still broken. We probably
> need to fix bug 2754 for that.

That was actually caused by bug 5174. However the current method is not overly
robust, so bug 2754 would still be a better way to handle things.
------- Comment #6 From cendio 2017-01-16 14:22:48 -------
Works well. Tested with following scenarios: 
USER -> user (can shadow)
user -> USER (can shadow)
a->A (can shadow)
A->a (can shadow)
------- Comment #7 From cendio 2017-01-16 14:50:03 -------
(In reply to comment #6)
> Works well. Tested with following scenarios: 
> USER -> user (can shadow)
> user -> USER (can shadow)
> a->A (can shadow)
> A->a (can shadow)

Tested even when user A don't have access to shadow user a and vice versa.
Works as expected in accordance with the configuration
/vsmserver/allowed_shadowers