diff -ur xrdp-0.9.7.orig/sesman/sesman.ini xrdp-0.9.7/sesman/sesman.ini
--- xrdp-0.9.7.orig/sesman/sesman.ini 2018-06-29 08:18:27.000000000 +0000
-+++ xrdp-0.9.7/sesman/sesman.ini 2018-07-04 18:54:10.174090693 +0000
-@@ -14,11 +14,11 @@
++++ xrdp-0.9.7/sesman/sesman.ini 2018-09-06 09:10:42.289218472 +0000
+@@ -12,13 +12,13 @@
+ ReconnectScript=reconnectwm.sh
+
[Security]
- AllowRootLogin=true
+-AllowRootLogin=true
++AllowRootLogin=false
MaxLoginRetry=4
-TerminalServerUsers=tsusers
-TerminalServerAdmins=tsadmins
-+TerminalServerUsers=users
++TerminalServerUsers=xrdp
+TerminalServerAdmins=root
; When AlwaysGroupCheck=false access will be permitted
; if the group TerminalServerUsers is not defined.
param=X11rdp
diff -ur xrdp-0.9.7.orig/xrdp/xrdp.ini xrdp-0.9.7/xrdp/xrdp.ini
--- xrdp-0.9.7.orig/xrdp/xrdp.ini 2018-06-29 08:18:27.000000000 +0000
-+++ xrdp-0.9.7/xrdp/xrdp.ini 2018-07-04 18:55:55.985084386 +0000
-@@ -118,10 +118,10 @@
++++ xrdp-0.9.7/xrdp/xrdp.ini 2018-09-06 09:13:13.540216769 +0000
+@@ -4,6 +4,8 @@
+
+ ; fork a new process for each incoming connection
+ fork=true
++; IP address to listen
++;address=127.0.0.1
+ ; tcp port to listen
+ port=3389
+ ; 'port' above should be connected to with vsock instead of tcp
+@@ -118,10 +120,10 @@
ls_btn_cancel_height=30
[Logging]
; LogLevel and SysLogLevel could by any of: core, error, warning, info or debug
[Channels]
-@@ -153,24 +153,24 @@
+@@ -153,24 +155,24 @@
; Some session types such as Xorg, X11rdp and Xvnc start a display server.
; Startup command-line parameters for the display server are configured
; in sesman.ini. See and configure also sesman.ini.
[Xvnc]
name=Xvnc
-@@ -182,43 +182,43 @@
+@@ -182,43 +184,43 @@
#xserverbpp=24
#delay_ms=2000