Bug 165334 - VNC -localhost should be default
Summary: VNC -localhost should be default
Alias: None
Product: Fedora
Classification: Fedora
Component: vnc
Version: 4
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Tim Waugh
QA Contact: David Lawrence
Depends On:
Blocks: FC5Target
Reported: 2005-08-08 03:26 UTC by Jonathan S. Shapiro
Modified: 2007-11-30 22:11 UTC (History)

Fixed In Version: 4.1.1-16
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2005-08-11 11:30:31 UTC


Description Jonathan S. Shapiro 2005-08-08 03:26:51 UTC
In the absence of a firewall, the default VNC execution mode is insecure. It
encourages transmission of passwords in the clear over the local net. Therefore,
the -localhost option should be the default.

In the presence of a firewall, either the customer punches an insecure hole for
VNC leading to disclosed passwords, or they use ssh tunneling, in which case
having the -localhost default suffices.

In either case, -localhost should be the default mode of operation.

On another note, would Red Hat integrate an OpenSSL/StartTLS patch if I could dig
one up?

Comment 1 Tim Waugh 2005-08-08 10:08:06 UTC
I tend to agree, although it seems to be hard enough already for people to get
VNC working what with one thing and another.  I certainly think it should be
mentioned in the example in /etc/sysconfig/vncservers.

Not sure about OpenSSL -- if you file the patch in a separate bug report I'll
take a look.

It would be great if vino could support secure connections out of the box: I
think that's probably what most new users use first.

Comment 2 Jonathan S. Shapiro 2005-08-11 15:10:31 UTC
Pardon a silly question, but just in case...

I do not *recall* any command line option to vncserver that would be equivalent
to -remotehost. If -localhost becomes the default, then we may need to add a new
option to allow remote connections to be enabled.

And if we do *that*, we need a global configuration file option to prohibit its use.

No urgency, and I think this can wait to see if there is pushback, but I wanted
to have it in the record...

Comment 3 Tim Waugh 2005-08-11 15:14:19 UTC
As I hinted in comment #1 (but perhaps did not make explicit), we will add the
'-localhost' option to the example in the sysconfig file, but the default
behaviour of Xvnc will be unchanged.

Comment 4 Jonathan S. Shapiro 2005-08-11 15:16:58 UTC
I understand why this is the right fix from your perspective, but can you tell
me if there is a way to push the RFE upstream? Does RealVNC have a method for
accepting bug requests?

Comment 5 Tim Waugh 2005-08-11 15:29:46 UTC
The best thing to do is send email to the vnc-list mailing list I think.
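
An audit of the sysconfig file discussed in comments #1 and #3, as an added example that is not part of this bug report or the vnc package. It assumes the Fedora/RHEL layout of /etc/sysconfig/vncservers (`VNCSERVERS="display:user ..."` plus `VNCSERVERARGS[display]="..."`), which the report does not show; the sample file and the function name `audit_vncservers` are constructed for illustration.

```python
import re
import shlex

# Constructed sample in the assumed /etc/sysconfig/vncservers layout.
SAMPLE = '''\
# Constructed example, not taken from the bug report
VNCSERVERS="1:alice 2:bob 3:carol"
VNCSERVERARGS[1]="-geometry 1024x768 -localhost"
VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp"
# VNCSERVERARGS[3]="-localhost"
'''

# Matches only active (uncommented) assignments.
ASSIGN = re.compile(r'^\s*(VNCSERVERS|VNCSERVERARGS\[(\d+)\])=(.*)$')


def audit_vncservers(text):
    """Return {display: (user, missing_localhost)} for each configured display."""
    servers, args = [], {}
    for line in text.splitlines():
        m = ASSIGN.match(line)
        if not m:
            continue  # comments and unrelated lines
        try:
            words = shlex.split(m.group(3), comments=True)
        except ValueError:
            continue  # unbalanced quotes: skip rather than guess
        value = words[0].split() if words else []
        if m.group(2) is None:
            servers = value  # last assignment wins, as in the shell
        else:
            args[int(m.group(2))] = value
    report = {}
    for entry in servers:
        display, _, user = entry.partition(':')
        if not display.isdigit():
            continue
        # Xvnc's default is unchanged (comment #3), so a display without an
        # explicit -localhost accepts connections from other hosts.
        opts = args.get(int(display), [])
        report[int(display)] = (user, '-localhost' not in opts)
    return report


if __name__ == '__main__':
    for display, (user, missing) in sorted(audit_vncservers(SAMPLE).items()):
        state = 'no -localhost' if missing else 'localhost only'
        print(f':{display} ({user}): {state}')
```

Display 3 is reported as missing `-localhost` because its only args line is commented out, which is the state a commented example in the sysconfig file leaves a display in until the administrator uncomments it.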
