Really need more permission parameters for sessions.
>Deny/Allow use of Clipboard tab/shared clipboard setting during session
>Deny/Allow use of Screen Capture tab during session
>Deny RunCommandOutsideSession but allow use but not editing of commands from Command Toolbox entries.
This will allow guest fairly secure access to their "office" machines from remote locations but limits data captures from screen caps/clipboard. It also allows hosts to grant a single/handful of admin-level commands they can run on their machines, via the Command Toolbox, but no more. So, a user could reboot their machine but nothing else, for example.
Customer support service by UserEcho