Project

General

Profile

Actions
Copy link

Feature #83

open

Client hijacking in activation

Added by Tobias Wich almost 12 years ago. Updated over 4 years ago.

Status:
New
Priority:
Low
Assignee:
-
Target version:
1.x
Start date:
05/22/2012
Due date:
% Done:

0%

Estimated time:
24.00 h
Reviewer:
Build Version:

Description

Prevent the localhost connection from being triggered by a foreign user/ session. Perhaps an X session.
Need to evaluate attack vector first

Actions
Copy link
 #1

Updated by Tobias Wich about 11 years ago

  • Target version deleted (4)
Actions
Copy link
 #2

Updated by Andreas Kuckartz about 11 years ago

  • Priority changed from Normal to High
Actions
Copy link
 #3

Updated by Tobias Wich about 10 years ago

  • Target version set to 1.3.0

A "desktop firewall" asking the user whether to accept connections from a certain agent has been proposed.

As of now, it's unclear how to detect the agent and whether the grant should be permanent or per session/ limited amount of time.

Actions
Copy link
 #4

Updated by Tobias Wich over 8 years ago

  • Tracker changed from Bug to Feature
  • Priority changed from High to Low
Actions
Copy link
 #5

Updated by Tobias Wich over 4 years ago

  • Target version changed from 1.3.0 to 1.x
Actions
Copy link

Also available in: Atom PDF