change to vncpasswd requested

Mon, 28 Sep 1998 18:53:59 +0000

Ivan Popov <pin "at" math.chalmers.se> writes:

> On Fri, 25 Sep 1998, Boyce, David wrote:
> 
> > ie letting xdm manage it. And I want to let users keep their password files
> > on an NFS-mounted filesystem so they don't need to maintain a different one
> 
> > if it's owned by the user. I have no problem with having to do a "chmod a+r"
> > on the password file the first time it's created; the problem is that
> 
> > Please let me know if this seems doable or if there's a major problem with
> > it.
> 
> There are, well, two major problems with it:
> 
>  - having password files on NFS makes them easily accessible for virtually
>    anyone
> 
>  - making password file readable for all makes it even easily accessible

public/private-key verification techniques allows for the password
file to be world readable without sacrificing security.  i have
written patches to switch VNC to use PK methods, but those changes
only exist for the X server/viewer, and are not compatible with the
current verification method.

if you only use the X viewer/server, then you might want to consider
the patches.

http://web.mit.edu/thouis/vnc

ray jones

---------------------------------------------------------------------
The VNC mailing list     -   see http://www.orl.co.uk/vnc/intouch.html
---------------------------------------------------------------------