
Bug#692529: ITP: gateone -- HTML5 web-based terminal emulator and ssh client



Ritesh Raj Sarraf <rrs@debian.org> writes:
> * Proven Security and Encryption

I quickly browsed around a bit. The killall() function in
gateone/utils.py looks kind of scary. It seems to kill all processes
that contain python and gateone.py in their name. This should match
"emacs -nw python.txt gateone.py" and might be a mild security issue
too:

            for session in sessions:
                if session in cmdline:
                    try:
                        os.kill(pid, signal.SIGTERM)
                    except OSError:
                        pass # PID is already dead--great
                elif 'python' in cmdline:
                    if 'gateone.py' in cmdline:
                        try:
                            os.kill(pid, signal.SIGTERM)
                        except OSError:
                            pass # PID is already dead--great


Perhaps gateone could use cgroups?
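
Added example, not part of the original message and not Gate One's own code: the substring test from the fragment above next to a stricter matcher that works on argv boundaries and process ownership. It assumes cmdline is the process's /proc/<pid>/cmdline content as one string; the sample processes, uids and the helper names are constructed for illustration.

```python
import os

# Constructed sample data: pid -> (owner uid, raw /proc/<pid>/cmdline bytes).
SAMPLE = {
    101: (1000, b"python\0/opt/gateone/gateone.py\0"),
    102: (1000, b"emacs\0-nw\0python.txt\0gateone.py\0"),
    103: (1001, b"python\0gateone.py\0"),            # another user's process
    104: (1000, b"/usr/bin/python2.7\0-u\0gateone.py\0"),
    105: (1000, b"python\0other.py\0"),
}

def parse_argv(raw):
    """Split a NUL-separated cmdline into argv, keeping argument boundaries."""
    return [a.decode("utf-8", "replace") for a in raw.split(b"\0") if a]

def loose_match(raw):
    """The substring test from the quoted fragment (assumed string cmdline)."""
    cmdline = raw.replace(b"\0", b" ").decode("utf-8", "replace")
    return 'python' in cmdline and 'gateone.py' in cmdline

def strict_match(raw, uid, own_uid, script="gateone.py"):
    """True only for a Python interpreter owned by own_uid running `script`."""
    argv = parse_argv(raw)
    if uid != own_uid or not argv:
        return False
    # argv[0] must be the interpreter itself, not an editor or pager.
    if not os.path.basename(argv[0]).startswith("python"):
        return False
    # Simplification: the first argument that is not an option is taken as
    # the script; interpreter options that take a value are not handled.
    for arg in argv[1:]:
        if not arg.startswith("-"):
            return os.path.basename(arg) == script
    return False

def select_pids(procs, own_uid, strict):
    """Return the sorted pids that the chosen matcher would signal."""
    hits = []
    for pid, (uid, raw) in procs.items():
        ok = strict_match(raw, uid, own_uid) if strict else loose_match(raw)
        if ok:
            hits.append(pid)
    return sorted(hits)

if __name__ == "__main__":
    print("loose :", select_pids(SAMPLE, 1000, strict=False))
    print("strict:", select_pids(SAMPLE, 1000, strict=True))
```

Matching on the command line remains a heuristic even in the strict form; recording the PIDs of spawned children, or the cgroup approach suggested above, avoids guessing from names.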

