A user can establish a remote control session when the host computer is at the CTRL+ALT+DEL screen or is locked, behavior for Standard user vs. Superuser
| Article:TECH138171 | | | Created: 2010-08-20 | | | Updated: 2012-05-23 | | | Article URL http://www.symantec.com/docs/TECH138171 |
Problem
It is possible for a user to establish a remote control session when the "host" computer is at the CTRL+ALT+DEL screen or is locked.
Environment
pcAnywhere Solution 12.5 with SP2
pcAnywhere Solution 12.6
Cause
This behavior is by design.
Solution
This issue has been fixed in pcAnywhere Solution 12.6.7. Please see the release notes for pcAnywhere 12.6.7: http://www.symantec.com/docs/DOC5350
Previously, Symantec published the following article to explain the behavior and some advice on configuration:
"How can I configure pcAnywhere Solution to prevent eavesdropping?" (HOWTO21510)
Symantec has released a patch for the version 12.5 sp2 Windows "host" computers (those running the Symantec pcA Agent) which changes the behavior to the following:
| User Type | Machine State | Behavior before patch is applied | Behavior after patch is applied |
| StandardUser | Ctrl + Alt + Del | Display message box with the ability for end user to only accept connection. After timeout connection is established. | Display message box should have the ability for end user to accept/deny connection. After timeout, connection should be terminated. |
| StandardUser | Machine locked | Display message box with the ability for end user to only accept connection. After timeout connection is established. | Display message box should have the ability for end user to accept/deny connection. After timeout, connection should be terminated. |
| StandardUser | Logged-in | Display message box with the ability for end user to either accept /deny connection. After timeout connection is terminated. | Display message box should have the ability for end user to accept/deny connection. After timeout, connection should be terminated. |
| SuperUser | Ctrl + Alt + Del | Display message box with the ability for end user to only accept connection. After timeout connection is established. | Display message box with the ability for end user to only accept connection. After timeout, connection should be established. |
| SuperUser | Machine locked | Display message box with the ability for end user to only accept connection. After timeout connection is established. | Display message box with the ability for end user to only accept connection. After timeout, connection should be established. |
| SuperUser | Logged-in | Display message box with the ability for end user to only accept connection. After timeout connection is established. | Display message box with the ability for end user to only accept connection. After timeout, connection should be established. |
The patch for pcAnywhere 12.5 sp2 is attached to this article and the files must be replaced on the host computers.
Attachments
|
|
|
|
|
Article URL http://www.symantec.com/docs/TECH138171
Terms of use for this information are found in Legal Notices
Thank you.