WinVNC & -nevershared

Alex Angelopoulos alex "at" bittnet.com
Wed, 06 Mar 2002 21:23:10 +0000


I think the "big" depends on context.  What it *does* do is underscore the
issues in the current security model of VNC as it is implemented on Windows.

I think if Rob can come up with a patch to make it accept a -nevershared it
_will_ shut down a significant vulnerability in the current model.  The
prickly issue is how do you implement a *good* security model without either
writing an entire user management system or a large chunk of code to access
the system's security model?



----- Original Message -----
From: "Michael Ossmann" <michael.ossmann "at" alttech.com>
To: <vnc-list "at" uk.research.att.com>
Sent: Wednesday/2002 March 06 12.28
Subject: Re: WinVNC & -nevershared


: On Tue, Mar 05, 2002 at 06:21:40PM -0700, Rob Kenyon wrote:
: >
: > I can honestly state that I actually read the docs before posting.
: > Notice that "ConnectPriority" states:
:
: Sorry to be so hard on you; I just wanted to be certain.  Thanks for the
: great clarification.  That's a pretty big issue, and something that I'm
: adding to my list of VNC vulnerabilities.  If you decide to fix it, I
: suggest starting with the TightVNC code and submitting a patch to Const.
:
: --
: Mike Ossmann, Tarantella/UNIX Engineer/Instructor
: Alternative Technology, Inc.  http://www.alttech.com/
: ---------------------------------------------------------------------
: To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
: 'unsubscribe vnc-list' in the message BODY
: See also: http://www.uk.research.att.com/vnc/intouch.html
: ---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------