> I now find that (in this, a standard install) the password hash is
> readable to all users, power users and administrators
> (HKEY_LOCAL_MACHINE\SOFTWARE\ORL\WinVNC3\Default). This astounded me,
> and the other WinVNC users I know.
>
> So, if I'm not mistaken, by default even normal (i.e. only
> semi-trusted) users could potentially log in, read the hash and
> extract the password. Thereafter they could both spy on and interfere
> with other users' sessions. And as soon as an Administrator went AFK,
> the box would be as good as own3d.
>
> I'm sure almost everybody here knows more about VNC than I do, so perhaps
> you could tell me - is this all:
>
> a. Blindingly obvious to everyone else
> b. Not actually a problem, 'cos I'm muddled in some way
> c. Something that should be documented and/or changed
>
> I'd appreciate any thoughts, because this seems like a serious problem
> to me, yet I can't see how it could have gone unnoticed. I guess my
> money's on option b   8-)

This is a known problem that various people have brought up.  The service
installation code should set these permissions to be Admin/SYSTEM only but
currently it doesn't.

So at the moment the solution is to change the permissions manually, or to
use a utility to do the same from a script when you install.  Not ideal I
admit.

Cheers,

James "Wez" Weatherall
--
          "The path to enlightenment is /usr/bin/enlightenment"
Laboratory for Communications Engineering, Cambridge - Tel : 766513
AT&T Labs Cambridge, UK                              - Tel : 343000
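
The manual permission change described in the reply above, scripted as an added example (not part of the original message and not WinVNC project code). It assumes PowerShell is available, an elevated prompt, and the key path quoted in the thread; it lists the current ACL, then leaves only Administrators and SYSTEM on the key.

```powershell
# Added example: restrict the WinVNC settings key to Administrators and SYSTEM.
# Run from an elevated PowerShell prompt.
$keyPath = 'HKLM:\SOFTWARE\ORL\WinVNC3\Default'   # key named in the thread

if (-not (Test-Path $keyPath)) { throw "Key not found: $keyPath" }

# Well-known SIDs, so the script does not depend on localized group names.
$admins = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-544'  # BUILTIN\Administrators
$system = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-18'      # NT AUTHORITY\SYSTEM

# 1. Audit: show every entry on the key before changing anything.
$acl = Get-Acl -Path $keyPath
Write-Host "ACL before:"
$acl.Access | Format-Table IdentityReference, RegistryRights, AccessControlType, IsInherited -AutoSize

# 2. Stop inheriting from the parent key and discard the inherited entries,
#    then drop any explicit entries that remain.
$acl.SetAccessRuleProtection($true, $false)
foreach ($rule in @($acl.Access)) { [void]$acl.RemoveAccessRule($rule) }

# 3. Grant full control to Administrators and SYSTEM only (the WinVNC service
#    itself still needs to read its settings), applied to subkeys as well.
foreach ($sid in @($admins, $system)) {
    $rule = New-Object System.Security.AccessControl.RegistryAccessRule(
        $sid,
        [System.Security.AccessControl.RegistryRights]::FullControl,
        [System.Security.AccessControl.InheritanceFlags]::ContainerInherit,
        [System.Security.AccessControl.PropagationFlags]::None,
        [System.Security.AccessControl.AccessControlType]::Allow)
    $acl.AddAccessRule($rule)
}
Set-Acl -Path $keyPath -AclObject $acl

# 4. Verify: only the two entries added above should be listed now.
Write-Host "ACL after:"
(Get-Acl -Path $keyPath).Access |
    Format-Table IdentityReference, RegistryRights, AccessControlType, IsInherited -AutoSize
```

Rerun step 4 after any WinVNC reinstall or upgrade to confirm the restricted ACL is still in place.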