Hi, Corni - haven't seen you in ages!
Comments inline. Just to make it clear, I'm not proposing any of the items below as "core" VNC changes - just possible strategies to explore with helper tools.
Corni Beerse wrote:
Alex K. Angelopoulos wrote:
... it might be helpful if VNC could be set to either delete the registry keys for passwords on exit or to never save the password at all.
The note from Wez about commandline specification actually seems the best way to go. It could fall afoul of Win9x commandline length limitations, but a very simple UI to spawn VNC could validate that while hiding the console from less ept users...
afaik, VNC installs 2 registry hives: one for the current user and one for the system. Both have a password entry. As long as no-one is logged-in, the system-hive and hence the password in there rules. ONce the user is logged-in, the users hive prevails and its password works.
Yes. And if I remember correctly (it's been a while for service mode VNC for me, and that was in the old 3.x days), it is more complicated if there's a user logged on and no per-user password IIRC - the oddities of Windows password databases when VNC encountered them produced a very complex situation... :(
My idea with this is that you can do one of the next: 1: fill the password in the system-hive with some text (like 'no-password') and no-one will be able to vnc as long as no-one is logged in.
With RealVNC 4, a helper applet could just nuke the key as well as the others below...
3: Remove the password in the system-hive will remove the password question and give direct access. (removing the password on the user level is no security at all...)
As for your other remarks below, that matches what I seem to remember. I just tested VNC4, and here's what I see.
It DOES appear that user mode insists on its own password - although it may still read the one under HKU\.Default? - I need to check the source. But running user mode even with a service password set, VNC server won't log you in.
With only 1:, you roughly have what you want if the user is logged-out at the console.
I might be off at some point, like if the user has no password, it can fall-back to the system-password. Try and test with this and off you go.
NOte: VNC 4 has different security than vnc 3. My knowledge is based on vnc3 (and might be off at some points too).
CBee
_______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
