Red Hat Bugzilla – Bug 132704
RFE: Attempt to prevent vncviewers of your desktop while in your desktop
Last modified: 2007-11-30 17:10:49 EST
Description of problem: use the vino preference dialog and then i did a very bad thing vncviewer localhost:0 i have seen into the blackness of infinity and it scared me. We must prevent the void from destroying the soul of anyone else. Is there a way to prevent people from viewing the desktop while IN the desktop? Maybe via the $DISPLAY variable and doing a comparison of ip address and display number in an effort to prevent people from seeing an infinite cascade of desktops within desktops. Steps to Reproduce: 1.active vino on localhost:0 2.vncviewer localhost:0 3.run in horror at the horror of cascading desktops within desktops. 4.close the vncviewer window to restore reality Expected results: Prevent cascading desktops within desktops by prevention a connection from a vncviewer on the same display as the vino server. Other than that...it actually seems to work. -jef
Created attachment 103893 [details] The blackness of infinity captured in a screenshot
Oh, come now - its not that bad! I'd never have been able to write the thing without this feature :-) Honestly, I don't think there's a better alternative than the cascading desktops - an error dialog like "You can't do this!" would actuall be worse, IMHO. I think its fairly easy for someone to figure out what's going on (anyone who's played with two mirrors ...) - what might make it easier would be if vncviewer didn't start up maximised ..
Why would a "you cant do this" message be worse... for the average desktop user? Not you as a developer, and not me as a technically competent user. Take a close look at that screenshot, tell me which one of those mouse pointers is the real one. Average users might comprehend the mirror within mirror concept, but they might not be able to navigate their way out of it to close the window. I would very much like to avoid that situation for everyone who doesn't explicitly NEED that feature. There is a reason why a hall of mirrors was a popular carnival attraction...and it wasn't because people made it through then with ease and efficiency. I ask becuase I've seen this implemented by default with tightvnc on the operating system which must not be named. Run tightvnc viewer trying to talk back to a tightvnc server on a windows box with the default settings and you get a "loopback connections not allowed". For full disclosure the way they implement it is just by ip address and not by ipaddress + display number which isn't ideal. So they lock out ALL viewers on the same ip address as the server, which doesn't work for some situations. But thats OKAY, because anyone who knows they need a loopback viewer is competent enough to reconfigure with additional options, the defaults shouldn't serve them...the defaults should protect the innocent. There are of course situations where you want to allow loopback connections, I'm not asking for loopbacks to be removed completely. But relying on people like the "office professionals" in my family to comprehend the mirror into a mirror concept is giving them way to much credit. And even if they do correctly grasp the physical analogy and take a moment to ponder the deep mysteries of how the virtual world mimics the physical world. They are more likely to hit the power button on the computer and reboot instead of trying to calmly diagnose the problem and figure out which of the several mouse pointers in the window is the real one and close the correct window. Please reconsider implementing a check to prevent cascading by default. -jef
An error dialog would be worse because its a perfect example of "software blames users". A dialog like this is basically saying "You fool! You can't do this! What were you thinking?". What does "loopback connections not allowed" say to someone who doesn't really know what's going on ? Error: Your attempt to perform an operation without fully understanding the consequences firmly places you in the category of gibbering idiot. Please do not attempt to try this again until you have fully educated yourself on the following technical concepts ... [Ok] [Cancel] There are much better ways of fixing problems like this than making users feel stupid. So, the problem here is that when you connect vncviewer to your display, the viewer starts up maximised and creates a bewildering series of nested displays. First thing to consider - how do we design things so that users who won't understand are less likely to do this? Currently, I don't think its very easy to do fall into that trap - maybe if you copied and pasted the command from the preferences dialog into the run dialog, but if you're capable of doing that, you're probably capable of figuring out what happened and you're unlikely to have ignore the "Users can view *your* desktop using this command" label above the command. Second thing to consider - how do we design things such that things are less bewildering if users do this. I can think of a few ideas: 1) If the window was initially a much smaller size, the mirror in mirror effect would be much more obvious and much less scarey. Problem here is that when you want to use vncviewer for real, you *do* want the window to be large. 2) You could perhaps popup an explantory dialog before displaying the main window: You are about to see something very confusing! [ ] Do not warn me again [No, Don't Confuse Me!] [View Anyway] However, its well understood that people tend to ignore dialogs like this and you're much better off making your interface easily learnable to begin with. I don't really like either of these solutions and I don't think its terribly easy for someone to get themself in this situation, so I'm not overly concerned right now.
Okay, I think I've explained my rationale here. Closing