On Tue, Feb 15, 2011 at 04:42:32PM -0600, DRC wrote: > On 2/15/11 3:11 PM, Martin Koegler wrote: > > Making the vncviewer ssh into the server as the user, detecting all > > running VNC servers of the user and finally let the user select to > > connect to one instance or start a new session: I'm really missing > > such a feature [I had done such experiments too: > > http://e9925248.users.sourceforge.net/vnctermserv/]. > > > > The challenge for such script solution is, that they are complicated > > on the windows client side [no scripting, no ssh]. > > That's why a lot of people are implementing it via a web portal. You > log into the portal, and it will invoke and parse 'vncserver -list' to > show you your active sessions, letting you either connect to one of > those or start a new one. In either case, a new one-time password is > generated, and a .vnc connection file is generated on the fly with this > password, the hostname, port, etc. Then, you simply open the .vnc file > with your installed version of VNCViewer. I modified the TurboVNC Unix > viewer to read these connection files as well, and it would be easy to > make TigerVNC do the same thing.
Both approches use different security models: * sshing as user on the server and then executing the rest (session listing, ...) as user too fits in the unix permission schema: The client only does automatically, what the user could have done manually - so no extra permissions are necessary. * In the web portal case, the webserver needs additional privileges to act on behalf of the user (eg. list/start sessions). And: If there is an need for an additional web application based on the same technology as the VNC portal, how many user are deploying it on the same webserver, so that that the second application runs with the additional permissions too? Regards, Martin Kögler ------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb _______________________________________________ Tigervnc-devel mailing list Tigervnc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tigervnc-devel