On Fri, 14 Feb 2003, Cliff Sarginson wrote: > I am going to chirp in here again. > All this talk about incorporating code into vnc. > What is wrong with attempting to tunnel it through ssh ? > This is done in other contexts.
I do that. But can I get other users to do it? I don't think so. It's too much hassle. I don't know of a way to allow access to VNC only through a tunnel. Is it possible to impose that on users? If so, please tell me what I have to do (in Xvnc/unix context). > Or perhaps link into some well defined secure library through an API, > surely no-one is seriously suggesting ripping hunks of code from one > secure product and planting that code in place into another product. Now > security issues that come up in the original code have to be fixed again > in the hijacked code. > > This is not sound software engineering. If you "rip hunks of code" from a product, that might save you a lot of time. What makes you think that writing it from scratch will help you to avoid security issues? It seems to me that established, well-tested code would have fewer problems than something new. Mike _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list
