I believe he is referring to the ability of the user to upload and run a binary that does not look at that config file, all pre-compiled and ready for joe user to upload. This too could be prevented by locking down filesystems with noexec mount options, iptables rules, and/or SELinux policies, though it would take a bit of setup work. I believe an admin trying to have a secure remote desktop session using TigerVNC would do that, though...
The big difference in opinions is between a service-mode config and a user-process config. With server-mode configs, root-owned files have the final say, while with user-process configs the user can override settings. The downside is that VNC is useful for both. I personally think it should be forced by a root-controlled config file for anything security related. The biggest advantage of the TigerVNC fork, which is integrated TLS, should not be crippled by allowing it to be overridden by joe user.

Robert

DRC wrote:
> On 7/26/10 4:43 PM, Antoine Martin wrote:
>>> You're missing my point. What I'm trying to do is implement a mechanism
>>> whereby the SysAdmin can set global defaults for all TigerVNC server
>>> sessions on the system. Yes, there are always ways to hack around this,
>>> but the idea is to make it difficult enough to hack around that most
>>> users won't bother. If a SysAdmin prefers that the insecure security
>>> types, such as VncAuth, not be exposed by default, then they should be
>>> able to at least make it difficult for a user to use those types.
>>
>> I think the point was understood, but we are discussing the value of
>> having a "security" feature which is trivial to bypass and makes the use
>> of the command line options less intuitive. Personally I do not like
>> this type of "feature".
>
> You have still not explained how a hard-coded authentication
> configuration file that only root has write access to is "trivial" to
> bypass.
>
> _______________________________________________
> Tigervnc-devel mailing list
> Tigervnc-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/tigervnc-devel
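The precedence model argued for above (a root-owned system config whose security-related keys cannot be overridden by the per-user config, with everything else user-overridable) as an added shell example; this is not TigerVNC's own code or config format. The option names SecurityTypes, X509Cert and X509Key are TigerVNC's, but the key=value file layout, the file paths, the ENFORCED_KEYS list and the sample config contents are assumptions constructed for this example. The ownership/permission check is the property DRC refers to: the system file is only trusted if root owns it and nobody else can write it.

```shell
#!/bin/sh
# Added example (not TigerVNC code): merge a root-owned system config with a
# per-user config so that security-related keys are always taken from the
# system file when it sets them, while other keys may be user-overridden.
# ENFORCED_KEYS, the key=value layout and all paths below are assumptions.

ENFORCED_KEYS="SecurityTypes X509Cert X509Key"

# trusted_config FILE: succeed only if FILE is a regular file owned by uid 0
# and not writable by group or others. Anything else means a non-root user
# could edit it, so its "enforced" settings would be meaningless.
trusted_config() {
    f=$1
    [ -f "$f" ] || return 1
    uid=$(stat -c '%u' "$f" 2>/dev/null || stat -f '%u' "$f") || return 1
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f") || return 1
    [ "$uid" = "0" ] || return 1
    # Last two octal digits are group and other; reject a write bit in either.
    case "$mode" in
        *[2367]?) return 1 ;;   # group-writable
        *[2367])  return 1 ;;   # other-writable
    esac
    return 0
}

# config_get FILE KEY: print the value of KEY in FILE (last occurrence wins),
# ignoring blank lines and '#' comments; prints nothing if KEY is absent.
config_get() {
    awk -v k="$2" '
        /^[[:space:]]*(#|$)/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == k) found = val
        }
        END { if (found != "") print found }' "$1"
}

# effective_value SYSTEM_FILE USER_FILE KEY: apply the precedence rule.
#   - enforced key set in the system file -> system value, user ignored
#   - otherwise                            -> user value if set, else system
effective_value() {
    sys=$1; usr=$2; key=$3
    sysval=$(config_get "$sys" "$key")
    usrval=$(config_get "$usr" "$key")
    for e in $ENFORCED_KEYS; do
        if [ "$e" = "$key" ] && [ -n "$sysval" ]; then
            printf '%s\n' "$sysval"
            return 0
        fi
    done
    if [ -n "$usrval" ]; then printf '%s\n' "$usrval"; else printf '%s\n' "$sysval"; fi
}

# write_sample_configs DIR: constructed sample inputs for the demo. In a real
# deployment vncserver.conf would be installed root-owned with mode 0644.
write_sample_configs() {
    cat >"$1/vncserver.conf" <<'EOF'
# constructed system-wide config (assumed path /etc/tigervnc/vncserver.conf)
SecurityTypes = X509Vnc,TLSVnc
X509Cert = /etc/pki/tls/certs/vnc.crt
geometry = 1024x768
EOF
    cat >"$1/user.conf" <<'EOF'
# constructed per-user config (assumed path ~/.vnc/config) that tries to
# re-enable plain VncAuth and pick a bigger screen
SecurityTypes = VncAuth
geometry = 1920x1080
EOF
}

demo() {
    d=$(mktemp -d)
    write_sample_configs "$d"
    if trusted_config "$d/vncserver.conf"; then
        echo "system config is trusted (root-owned, not group/world writable)"
    else
        echo "WARNING: system config is not trusted; enforced keys are advisory only"
    fi
    for k in SecurityTypes X509Cert geometry; do
        printf '%-14s = %s\n' "$k" "$(effective_value "$d/vncserver.conf" "$d/user.conf" "$k")"
    done
    rm -rf "$d"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

Running `sh precedence.sh demo` as an ordinary user prints the "not trusted" warning for the freshly written temp file (it is not root-owned), then SecurityTypes = X509Vnc,TLSVnc and X509Cert from the system file and geometry = 1920x1080 from the user file. The point of the split is that the merge rule alone does nothing for you: a user-owned or world-writable "system" file fails trusted_config, which is exactly why the file must be root-owned before its enforced keys mean anything.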