[THIN] Re: A Great Citrix Feature or a Massive Security Hole?
- From: "Rick Mack" <ulrich.mack@xxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Tue, 26 Jun 2007 19:40:18 +1000
Hi Bernd,
My quick answer is it's a great feature, provided you deal with the security
holes ;-)
When a seamless app launches another application, it will also appear as a
seamless app in your session. That's nothing new and is in fact a really
useful feature, always provided that users can only run the applications you
want them to have.
Terminal services and Windows in general are full of security holes. The 16
bit subsystem is inherently insecure, the insert object function in
something as simple as wordpad allows entrepreneurialism, and just about any
other application that uses an external executable as a viewer etc can be a
challenge. COM/DCOM exposes all sorts of interesting ways to break out of an
application and while application "virtualization" helps here it creates
other problems.
So security issues are nothing new. Windows is not secure, you have to make
it secure. Vista/Server 2008 will change that somewhat, but extra effort
will always be needed.
The important point to make is that securing a system isn't that hard.
Software restriction policies are a beginning, but since their primary function
is to restrict user-"installed" applications, it's always an idea to use an
application white list or better yet a third-party lockdown product
like AppSense, Tricerat, Powerfuse, Provision Networks etc.
regards,
Rick
---
Ulrich Mack
www.commander.com
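The whitelist idea Rick recommends, and the two launch chains Bernd describes (admin console spawning mstsc, published Word spawning a script that spawns Notepad), as an added example that is not from either post: a small audit that walks process-creation records and flags anything not on the allowed list, noting whether it was started from a published app or lives in a user-writable path. The records are constructed in the shape of Windows Security event 4688 fields, and the paths, users and the "Vendor\Console.exe" image are assumptions, not data from the thread.

```python
import re

# Constructed sample records shaped like the fields of Windows Security
# event 4688 (process creation); not real events from any system.
SAMPLE_4688 = [
    r"SubjectUserName=alice NewProcessName=C:\Program Files\Microsoft Office\OFFICE12\WINWORD.EXE ParentProcessName=C:\Program Files\Citrix\System32\wfshell.exe",
    r"SubjectUserName=alice NewProcessName=C:\Windows\System32\cscript.exe ParentProcessName=C:\Program Files\Microsoft Office\OFFICE12\WINWORD.EXE",
    r"SubjectUserName=alice NewProcessName=C:\Windows\System32\notepad.exe ParentProcessName=C:\Windows\System32\cscript.exe",
    r"SubjectUserName=bob NewProcessName=C:\Users\bob\AppData\Local\Temp\tool.exe ParentProcessName=C:\Windows\System32\cmd.exe",
    r"SubjectUserName=admin NewProcessName=C:\Windows\System32\mstsc.exe ParentProcessName=C:\Program Files\Vendor\Console.exe",
]

# Applications users are meant to run (lower-cased full paths). Anything else
# that starts inside a session is worth a look, whatever its parent was.
ALLOWED = {
    r"c:\program files\microsoft office\office12\winword.exe",
    r"c:\program files\citrix\system32\wfshell.exe",
    r"c:\program files\vendor\console.exe",  # hypothetical published admin console
}

# Locations an ordinary user can write to; an executable here is exactly what
# a default software restriction policy is meant to stop.
USER_WRITABLE = re.compile(r"^c:\\(users|documents and settings)\\|\\temp\\", re.I)

# Key=Value pairs separated by spaces; values themselves may contain spaces.
FIELD = re.compile(r"(\w+)=(.*?)(?=\s\w+=|$)")


def parse_4688(line):
    """Split one 'Key=Value Key=Value' record into a dict."""
    return dict(FIELD.findall(line.strip()))


def audit(lines, allowed=ALLOWED):
    """Return one finding per process whose image is not on the whitelist."""
    findings = []
    for line in lines:
        ev = parse_4688(line)
        image = ev["NewProcessName"].lower()
        if image in allowed:
            continue
        parent = ev["ParentProcessName"].lower()
        tags = []
        if parent in allowed:
            tags.append("launched from a published app")
        if USER_WRITABLE.search(image):
            tags.append("image in user-writable path")
        findings.append({"user": ev["SubjectUserName"], "image": image,
                         "parent": parent, "tags": tags})
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_4688):
        print(f"{f['user']:6} {f['image']} <- {f['parent']} {'; '.join(f['tags'])}")
```

On a real server the same check runs over the 4688 events of the Security log once process-creation auditing is enabled; the point of the tags is that a whitelist judges the child image itself, so it does not matter whether Notepad was started by the shell or by a script under Word.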
On 6/24/07, Bernd Harzog <berndh@xxxxxxxxxxxxxx> wrote:
Folks,
I have not been posting much since I left RTO a couple of years ago. I am
now with ProactiveWatch, a vendor that makes a Managed Services platform
that allows VARs to monitor and manage applications, systems and networks at
their customer sites.
We are working on putting remote control integration into a forthcoming
version of the product, and the first thing we did was RDP. The interesting
case is the case of our Console installed on a Citrix Server at the customer
site. If the Admin is using the Console (published as a Citrix app), let's
say from home (just public Internet from home to the office), and then he
right-clicks and invokes an RDP session (this assumes an RDP file on the
Citrix Server with the correct parameters), the Citrix Presentation Server
turns around and publishes that Admin an RDP session. In other words, if you
have published application A, and you launch application B from within A,
Citrix goes ahead and just publishes B to you in your existing session. All
of this without any work on the back end to "enable" RDP as a Citrix
application.
Now this is tremendously convenient for an Admin because you can basically
right-click and have a desktop to any server you want to see without
actually having to publish MSTSC as an application. But if (and I am not sure
this is true), you are a user running published Word, and then go run a
script to launch Notepad, then you can write things to the file system that
will eventually turn the server over to you.
So, is this working the way it is supposed to, and if so, is this a good
thing or a really big security hole?
I look forward to comments from all of my old friends (Rick, Jim, are you
listening?).
Cheers,
Bernd Harzog
Vice President and General Manager
ProactiveWatch
www.proactivewatch.com
bharzog@xxxxxxxxxxxxxxxxxx
770-475-4249
- References:
- [THIN] A Great Citrix Feature or a Massive Security Hole?
- From: Bernd Harzog