security methods for VNC
Joe Ammann
joe "at" pyx.ch
Tue, 20 Jul 1999 14:48:13 +0000
[ On Tuesday, July 20, 1999 at 14:38:37 (+0400), Michael Smith wrote: ]
> Subject: security methods for VNC
>
> So what do you think will be a better decision for VNC system?
> And if you find I am wrong something, please point in out.
> Any your suggestion will help me greatly.
> Thanks.
I'm currently looking at doing 2 things to make VNC more secure, while
keeping it easy for the not-so-security-concerned.
1) Add OpenSSL support, together with some compression algorithm. This
would be a compile time option. I could also imagine having kind of
"pluggable transport" where different transport methods could be
hooked in at run time. But this seems a bit complicated.
2) Add some kind of PAM like authentication plugin framework. This
would allow to plug in all kinds of authentication
mechanisms. E.g. it could replace all the patches for NT Domain
authentication and the like, these could be then written as
modules.
anybody cares to comment?
Joe
---------------------------------------------------------------------
The VNC mailing list - see http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------