On 07/27/2010 05:22 AM, DRC wrote:
On 7/26/10 6:54 PM, Antoine Martin wrote:
As someone said, you can bypass the restrictions by downloading other
Xvnc binaries for your platform of choice. (see rpmfind and others)
So the restriction is just an illusion of security, and I worry that
people
On 07/23/2010 04:24 PM, DRC wrote:
On 7/23/10 3:40 AM, Martin Koegler wrote:
On Thu, Jul 22, 2010 at 04:02:52PM -0500, DRC wrote:
This makes the use of extended authentication types somewhat useless
from the point of view of a SysAdmin, though. If there is not a way for
them to enforce, or
On 07/26/2010 11:38 PM, DRC wrote:
On 7/26/10 4:43 PM, Antoine Martin wrote:
You're missing my point. What I'm trying to do is implement a mechanism
whereby the SysAdmin can set global defaults for all TigerVNC server
sessions on the system. Yes, there are always ways to hack around this,
I believe he is referring to the ability of the user to upload and run a
binary that does not look at that config file. All pre-compiled and
ready for joe user to upload. This too could be prevented by locking
down filesystems with noexec mount options, iptables rules, and/or
selinux
On Thu, Jul 22, 2010 at 04:02:52PM -0500, DRC wrote:
This makes the use of extended authentication types somewhat useless
from the point of view of a SysAdmin, though. If there is not a way for
them to enforce, or at least strongly encourage, the use of secure
authentication on a system-wide
On 7/23/10 3:40 AM, Martin Koegler wrote:
On Thu, Jul 22, 2010 at 04:02:52PM -0500, DRC wrote:
This makes the use of extended authentication types somewhat useless
from the point of view of a SysAdmin, though. If there is not a way for
them to enforce, or at least strongly encourage, the use
On Thu, Jul 22, 2010 at 07:27:28AM +0200, Martin Koegler wrote:
On Wed, Jul 21, 2010 at 12:48:05PM -0500, DRC wrote:
On 7/21/10 3:16 AM, Adam Tkac wrote:
This is a valid argument but I would like to see feedback from other
TigerVNC developers to decide which types should be enabled by
On 7/22/10 12:27 AM, Martin Koegler wrote:
-- A set of allowed security types can be configured for the VNC
server. It should be possible for a SysAdmin to specify this in a
central config file, which will take precedence over command line
options or per-user config files (thus, if a SysAdmin
On 7/21/10 3:16 AM, Adam Tkac wrote:
This is a valid argument but I would like to see feedback from other
TigerVNC developers to decide which types should be enabled by
default. I will open a separate thread for this.
I am joining into this discussion late, so I don't think I fully
understand
On Wed, Jul 21, 2010 at 12:48:05PM -0500, DRC wrote:
On 7/21/10 3:16 AM, Adam Tkac wrote:
This is a valid argument but I would like to see feedback from other
TigerVNC developers to decide which types should be enabled by
default. I will open a separate thread for this.
I am joining into
On Sat, Jul 17, 2010 at 04:47:22PM +0200, Martin Koegler wrote:
This patchset contains various fixes/changes related to the security type
handling.
Thanks for your patchset, after quick look they seem fine and really useful
for me.
I will process commit them this week, together with the X509
This patchset contains various fixes/changes related to the security type
handling.
1 removes a leftover declaration
2-4 fixes the security type parameter in the vncviewer. The viewer has the
problem, that
the handshake phase in the viewer uses a hardcoded list containing all security
types.
12 matches
Mail list logo