• superkret@feddit.org
    link
    fedilink
    English
    arrow-up
    10
    ·
    2 months ago

    We’ve been dealing with this shit for the past 3 days.
    How the fuck do you even create a security hole that lets unprivileged users accessing a client app get SYSTEM rights to the server?
    Didn’t even know that was technically possible even if you tried to program it.

    Oh well, at least we’ll have an up-to-date client device inventory and no more BYOD shenanigans at the end of it.

    • m-p{3}@lemmy.ca
      link
      fedilink
      English
      arrow-up
      6
      ·
      2 months ago

      security hole that lets unprivileged users accessing a client app get SYSTEM rights to the server

      wtf 🤣

      • superkret@feddit.org
        link
        fedilink
        English
        arrow-up
        5
        ·
        edit-2
        2 months ago

        I wish we could get rid of Citrix yesterday, but:

        1. We’ve got our hands full till next year with a physical relocation of the business, migration to M365, replacement of all servers and storage, and getting the fuck away from VMWare
        2. I was technically hired as a Citrix Admin (despite never having heard of the software before), so replacing it might put my job in jeopardy.
      • Zorsith
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        2 months ago

        Got any links about the hidden server aspect of Citrix? I’d love to read more (I’d google it but these days Google is just… gestures vaguely