New issue
Advanced search Search tips

Issue 916369 link

Starred by 1 user

Issue metadata

Status: WontFix
Owner: ----
Closed: Dec 20
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug



Sign in to add a comment

After logout account from chrome, chrome remote server still can be connected with other client

Reported by chi...@gmail.com, Dec 19

Issue description


VULNERABILITY DETAILS
After logout account from chrome, chrome remote server still can be connected with other client if pin has setting. 

VERSION
Chrome Version: [71.0.3578.98] + [stable] 64bit
Operating System: [Win7 pro Service Pack 1]
Chrome Remote Desktop Host 71.0.3578.15

REPRODUCTION CASE
1. In PC(A),Login Chrome and download chrome remote from store.
2. Enable remote control and setup pin code.
3. Use another PC(B), windows chrome remote client connect to this remote server, and save the pin.
4. Logout Chrome google account, and all chrome application should be cleaned.
5. Use PC(B) connect again, still can remote control the PC(A) Win7.

FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION
Type of crash: [tab, browser, etc.]
Crash State: [see link above: stack trace *with symbols*, registers,
exception record]
Client ID (if relevant): [see link above]

CREDIT INFORMATION
Externally reported security bugs may appear in Chrome release notes. If
this bug is included, how would you like to be credited?
Reporter credit: [goes here]

 
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Type-Bug
Summary: After logout account from chrome, chrome remote server still can be connected with other client (was: Security: After logout account from chrome, chrome remote server still can be connected with other client )
Taking it out of the security queue since it is not a security issue.
Labels: Needs-Triage-M71
Components: Services>Chromoting
Status: WontFix (was: Unconfirmed)
This is working as intended. Once the Chrome Remote Desktop host component is set up, it runs independently of Chrome and is not tied to Chrome's sign-in state.

Sign in to add a comment