On 7/26/10 4:43 PM, Antoine Martin wrote: >> You're missing my point. What I'm trying to do is implement a mechanism >> whereby the SysAdmin can set global defaults for all TigerVNC server >> sessions on the system. Yes, there are always ways to hack around this, >> but the idea is to make it difficult enough to hack around that most >> users won't bother. If a SysAdmin prefers that the insecure security >> types, such as VncAuth, not be exposed by default, then they should be >> able to at least make it difficult for a user to use those types.
> I think the point was understood, but we are discussing the value of > having a "security" feature which is trivial to bypass and makes the use > of the command line options less intuitive. Personally I do not like > this type of "features".. You have still not explained how a hard-coded authentication configuration file that only root has write access to is "trivial" to bypass. ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://ad.doubleclick.net/clk;226879339;13503038;l? http://clk.atdmt.com/CRS/go/247765532/direct/01/ _______________________________________________ Tigervnc-devel mailing list Tigervnc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tigervnc-devel
