On 9/7/07, Jim Kronebusch <[EMAIL PROTECTED]> wrote: > I posted this on the other thread but I want to be sure this is noticed by > anyone who > installed fl_teachertool. There was a bug that x11vnc was starting up on the > clients > without the need for a password and any user on the network could scan/find a > client and > control without any authentication. The fix is very easy. Since Robert's > instructions > already had us copy the .vnc/passwd file to /opt/ltsp/i386/root/.vnc/passwd > we only need > to make one change to fix things. In /opt/ltsp/i386/etc/rc.local make the > line to start > x11vnc read like so: > > x11vnc -display :6 -rfbauth /root/.vnc/passwd -forever -shared -loop & >
Thanks Jim. That's what I was trying to do last night. Perfect. > Then reboot your clients and all will be well. I didn't test this with the > Broadcast or > Spotlight features, but as it works with mOnitor and Control I assume things > will work > just fine. Broadcasting/Spotlight is not really a security issue. I assume nobody is going to put anything important into /home/vncuser. Basically, vncuser is a dummy user that is only used to start the vnc4server which everyone connects to through vncreflector (without passwords). So I'm assuming vncuser is not a real account for a person. I had to do it this way because of the method to start vnc4server. In k12ltsp it was different. Xinetd started a vnc server (run as nobody) with a login window connecting with xdmcp. But Edubuntu does not have this default behavior. One thing I can do is kill the vnc4server process upon exit of fl_teachertool. So one can only connect to vncuser while fl_teachertool is broadcasting. -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ -- edubuntu-users mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
