On Fri, Feb 14, 2003 at 03:32:09PM -0600, Mike Miller wrote: > On Fri, 14 Feb 2003, Cliff Sarginson wrote: > > > I am going to chirp in here again. > > All this talk about incorporating code into vnc. > > What is wrong with attempting to tunnel it through ssh ? > > This is done in other contexts. > > I do that. But can I get other users to do it? I don't think so. It's > too much hassle. I don't know of a way to allow access to VNC only > through a tunnel. Is it possible to impose that on users? If so, please > tell me what I have to do (in Xvnc/unix context). > I am thinking about it. I will have a look when I get some time. It is not a problem for me, because of restrictions I place on my network access..but I am curious. > > > Or perhaps link into some well defined secure library through an API, > > surely no-one is seriously suggesting ripping hunks of code from one > > secure product and planting that code in place into another product. Now > > security issues that come up in the original code have to be fixed again > > in the hijacked code. > > > > This is not sound software engineering. > > If you "rip hunks of code" from a product, that might save you a lot of > time. What makes you think that writing it from scratch will help you to > avoid security issues?
You are misunderstanding me. I am not suggesting writing it from scratch, I am saying that it is a serious maintenance problem to lift code out of exisiting products, that when the inevitable bugs are found in that product, they will have to be repaired in Xvnc as well. By using either an existing tool like ssh, or a library with a well defined API, you are using stuff that will be maintained at probably no more cost than a recompilation when that stuff breaks or is improved, or changes it's algorithms etc. I am suggesting to use existing tools as tools, as they are. > It seems to me that established, well-tested code > would have fewer problems than something new. > I don't disagree at all. > Mike > _______________________________________________ > VNC-List mailing list > [EMAIL PROTECTED] > http://www.realvnc.com/mailman/listinfo/vnc-list -- Regards Cliff Sarginson The Netherlands [ This mail has been checked as virus-free ] _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list
