ThinLinc 4.8.1 is a minor update which solves a security vulnerability:
[SECURITY] A security vulnerability with the server side support for "Local Drive Redirection" has been discovered. In earlier versions, it was possible for a local user to mount file systems outside their designated area, allowing for a local attacker to gain elevated privileges on the system. This has now been corrected.
Hotfix packages for older releases are available from https://www.cendio.com/downloads/updates/b7087. If Local Drive Redirection is not required, another solution is to disable this feature by running:
# chmod u-s /opt/thinlinc/libexec/tl-mount-personal
Please note that the Local Drive Redirection feature now requires Linux kernel 2.6.23 or later. (7087)
For more information about the previous release, please see the release notes available at http://www.cendio.com/resources/docs/relnotes/4.8.0 .
ThinLinc works on most modern Linux distributions. We recommend that you deploy ThinLinc on one of these tested platforms:
- Red Hat Enterprise Linux Server 7 (x86_64)
- SUSE Linux Enterprise Server 12 (x86_64)
- Ubuntu Desktop 16.04 (x86_64)
Please note that ThinLinc is supported on any platform that fulfills our documented requirements. This includes Oracle Linux, Linux Mint, and Debian.