Hello, I have noticed some troubling behavior as I have familiarized myself with vnc. I am hoping that it is only due to a poor default configuration and that someone can point me to the right place to reconfigure what I'm about to describe.
No doubt I am a newbie to VNC so I apologize if there is a known and trivial fix, but I couldn't find it in any of the docs. I have noticed that by using the following combination, I can open a session with ANY RUNNING VNCSERVER on that machine!!

I am running on Linux Mandrake 9.1, tightvnc 1.2.7-2,

# first run the viewer in reverse mode:
# (-listen 99 makes it listen on port 5599)
$ vncviewer -listen 99 &

# let's see the running servers ...
$ ps auxw | grep Xvnc
root [snip] Xvnc :0 -desktop X -ht ... etc.
wanda [snip] Xvnc :1 -desktop X -http ... etc.
jack [snip] Xvnc :2 -desktop X -httpd ... etc.
mark [snip] Xvnc :3 -desktop X -httpd /u ... etc.

# take your pick of X display numbers and you can open a
# connection with vncconnect ...
# let's pick the display number root is using :0
$ vncconnect -display :0 localhost:5599

# WHAMO! root's X display at my disposal!!
# any user can connect to any other user's running vncserver this
# way. Granted it probably isn't too wise to leave a root
# vncserver running, but that is beside the point really.

So, is this a bug or a feature? Does anyone know how to disable this behavior?

thanks
theo

PS I usually try to run things fairly securely. I discovered this after I had already set up users with ssh tunnels for the vnc connection, and I was just curious about the `-listen' option, I wasn't even checking for security holes. Then, like I said, WHAMO!