On 11-06-03 09:36 AM, Mario Limonciello wrote:
On Fri, Jun 3, 2011 at 10:16, Bilal Akhtar<bilalakh...@ubuntu.com> wrote:
Hi
I originally posted this message as [Bug 790009] on Launchpad.
It was suggested that this list is a better place for the suggestion.
------
Having "remote desktop" as an option in the default installation
creates a security risk.
It invites new users to enable it, not understanding the security
implications. They then end up with unwanted connections to their
machine. A quick look around the "security discussions" forum on
ubuntuforums shows that this happens quite frequently.
I propose that it should be removed from the LiveCD. If a remote connection
program is needed, then something that*requires* SSH tunnelling could be
provided.
--
Jane Atkinson
(Irihapeti)
--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Removing sounds like a fairly heavy footed approach. If the UI to enable it
isn't informative enough to explain the security implications, perhaps that
UI should just be improved instead.
The UI allows the user to setup remote access without a password, either
a password should be generated automatically, or it shouldn't be enabled
without having to enter a password manually, and I really feel that uPNP
shouldn't be an option during setup.
--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
