starting an xpra session manually and then remotely connecting to it with the winswitch cleint for Windows results in change of xpra session to use --bind-tcp=0.0.0.0:<port>, which is a "major security risk" (xpra(1)).

Reproduction steps:

In the remote host run

$ ps aux | grep winswitch # no winswitch_server running
$ ps aux | grep xpra # no xpra running
$ xpra start :666
$ ps aux | grep xpra # see the command line and PID
1000     18905  2.5  0.2 188412 21976 ?        S    21:26   0:00 /usr/bin/python /usr/bin/xpra start :666

Now run the Window Switch client for Windows and connect to that remote host using ssh tunneling. It will show an "unknown" session. You won´t even need to resume it via the tray icon, the damage is already done:

On the remote host again:

$ ps aux | grep xpra
1000     19549  0.1  0.2 213020 23404 ?        S    21:32   0:00 /usr/bin/python /usr/bin/xpra --bind-tcp=0.0.0.0:15061 --password-file=/home/ocm-admin/.winswitch/server/sessions/666/session.pass --no-daemon --no-pulseaudio --session-name=unknown start :666 --use-display

$ ps aux | grep winsw
1000     19479  0.1  0.1 101708 15536 ?        Ss   21:31   0:00 /usr/bin/python /usr/bin/winswitch_stdio_socket
1000     19485  0.2  0.0      0     0 ?        Z    21:32   0:00 [winswitch_serve] <defunct>
1000     19533  0.2  0.3 323548 29688 ?        S    21:32   0:00 /usr/bin/python /usr/bin/winswitch_server --daemon
1000     19549  0.1  0.2 213020 23404 ?        S    21:32   0:00 /usr/bin/python /usr/bin/xpra --bind-tcp=0.0.0.0:15061 --password-file=/home/ocm-admin/.winswitch/server/sessions/666/session.pass --no-daemon --no-pulseaudio --session-name=unknown start :666 --use-display

$ netstat --inet -nlp 2>/dev/null | grep 19549
tcp        0      0 0.0.0.0:15061           0.0.0.0:*               LISTEN      19549/python

So there you are, apparently winswitch_server restarted xpra, see the different PIDs, and now it is listening on all IPs. Found no documentation about this, just stumbled upon it. No obvious way to change it in any config files. Plus this should never be the default behaviour!

For some more info, I am using Debian squeeze/stable and have installed from the official winswitch.org repository.

$ cat /etc/debian_version
6.0.5
$ apt-cache policy winswitch xpra
winswitch:
  Installiert: 0.12.14-1
  Kandidat:    0.12.14-1
  Versionstabelle:
 *** 0.12.14-1 0
        990 http://winswitch.org/ squeeze/main amd64 Packages
        100 /var/lib/dpkg/status
xpra:
  Installiert: 0.3.2-2
  Kandidat:    0.3.2-2
  Versionstabelle:
 *** 0.3.2-2 0
        990 http://winswitch.org/ squeeze/main amd64 Packages
        100 /var/lib/dpkg/status
$ winswitch_server --version
winswitch version 0.12.14
Release Build
Built on winswitch.org by root on the 2012-06-04
SVN revision unknown with unknown local modifications
$ xpra --version
xpra v0.3.2

I did not change any config files on the remote host.

The windows client version is: Window Switch 0.12.14 Built on xp-pro by XP_Pro. 2012-06-04 (release build) (svn revision 4908 with 0 local changes)

if the client version matters at all, this should clearly be changed on the server.

As reported ​here on the mailing list, there may be an issue with win32 ssh public key authentication.

Re-test it.

Two .desktop files have the following problems:

 * error: value "Network;TrayIcon" for string list key "Categories" in group "Desktop Entry" does not have a semicolon (';') as trailing character
 * error: value "TrayIcon" in key "Categories" in group "Desktop Entry" is a reserved category, so a "OnlyShowIn" key must be included
 * warning: key "Encoding" in group "Desktop Entry" is deprecated

This can be fix by the attached patch.