VNC 3.3.1: passwords and security
pin "at" math.chalmers.se
Fri, 06 Mar 1998 09:47:05 +0000
On 6 Mar 1998, Lionel Cons wrote:
> One (ORL?) has to decide from the start if VNC supposed to be secure
> or not. If yes, we should do a complete audit to find all the
> weaknesses and fix them. If not, we should make sure that using VNC
> with SSH, tcp_wrappers... is easy and secure.
It would be beneficial to separate different tasks.
vnc is very good at forwarding a session, but authentication and
encryption could be done by some "pluggable" modules. In that case the
modules can be easily adapted to any local security mechanism and/or
One simple interface that comes to mind is server using local fifo (and
e.g. its access modes?) to restrict client access (and external program
like ssh or even telnet ;-) making authentication and establishing the
Root always has an ability to steal a session (it is in memory, isn't
it, or anyway the X clients' sockets are under roots control)...
Ivan Popov <pin "at" math.chalmers.se>
Systemman, Driftavdelningen, Matematiska institutionen, Chalmers TH