After logout account from chrome, chrome remote server still can be connected with other client
Reported by
chi...@gmail.com,
Dec 19
|
||||
Issue descriptionVULNERABILITY DETAILS After logout account from chrome, chrome remote server still can be connected with other client if pin has setting. VERSION Chrome Version: [71.0.3578.98] + [stable] 64bit Operating System: [Win7 pro Service Pack 1] Chrome Remote Desktop Host 71.0.3578.15 REPRODUCTION CASE 1. In PC(A),Login Chrome and download chrome remote from store. 2. Enable remote control and setup pin code. 3. Use another PC(B), windows chrome remote client connect to this remote server, and save the pin. 4. Logout Chrome google account, and all chrome application should be cleaned. 5. Use PC(B) connect again, still can remote control the PC(A) Win7. FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION Type of crash: [tab, browser, etc.] Crash State: [see link above: stack trace *with symbols*, registers, exception record] Client ID (if relevant): [see link above] CREDIT INFORMATION Externally reported security bugs may appear in Chrome release notes. If this bug is included, how would you like to be credited? Reporter credit: [goes here]
,
Dec 19
,
Dec 19
,
Dec 20
This is working as intended. Once the Chrome Remote Desktop host component is set up, it runs independently of Chrome and is not tied to Chrome's sign-in state. |
||||
►
Sign in to add a comment |
||||
Comment 1 by vakh@chromium.org
, Dec 19Summary: After logout account from chrome, chrome remote server still can be connected with other client (was: Security: After logout account from chrome, chrome remote server still can be connected with other client )