Red Hat Bugzilla – Bug 132704
RFE: Attempt to prevent vncviewers of your desktop while in your desktop
Last modified: 2007-11-30 17:10:49 EST
Description of problem:
use the vino preference dialog and then i did a very bad thing
i have seen into the blackness of infinity and it scared me. We must
prevent the void from destroying the soul of anyone else.
Is there a way to prevent people from viewing the desktop while IN the
desktop? Maybe via the $DISPLAY variable and doing a comparison of ip
address and display number in an effort to prevent people from seeing
an infinite cascade of desktops within desktops.
Steps to Reproduce:
1.active vino on localhost:0
3.run in horror at the horror of cascading desktops within desktops.
4.close the vncviewer window to restore reality
Prevent cascading desktops within desktops by prevention a connection
from a vncviewer on the same display as the vino server.
Other than that...it actually seems to work.
Created attachment 103893 [details]
The blackness of infinity captured in a screenshot
Oh, come now - its not that bad! I'd never have been able to write the
thing without this feature :-)
Honestly, I don't think there's a better alternative than the
cascading desktops - an error dialog like "You can't do this!" would
actuall be worse, IMHO.
I think its fairly easy for someone to figure out what's going on
(anyone who's played with two mirrors ...) - what might make it easier
would be if vncviewer didn't start up maximised ..
Why would a "you cant do this" message be worse... for the average
desktop user? Not you as a developer, and not me as a technically
competent user. Take a close look at that screenshot, tell me which
one of those mouse pointers is the real one. Average users might
comprehend the mirror within mirror concept, but they might not be
able to navigate their way out of it to close the window. I would very
much like to avoid that situation for everyone who doesn't explicitly
NEED that feature. There is a reason why a hall of mirrors was a
popular carnival attraction...and it wasn't because people made it
through then with ease and efficiency.
I ask becuase I've seen this implemented by default with tightvnc on
the operating system which must not be named. Run tightvnc viewer
trying to talk back to a tightvnc server on a windows box with the
default settings and you get a "loopback connections not allowed". For
full disclosure the way they implement it is just by ip address and
not by ipaddress + display number which isn't ideal. So they lock out
ALL viewers on the same ip address as the server, which doesn't work
for some situations. But thats OKAY, because anyone who knows they
need a loopback viewer is competent enough to reconfigure with
additional options, the defaults shouldn't serve them...the defaults
should protect the innocent.
There are of course situations where you want to allow loopback
connections, I'm not asking for loopbacks to be removed completely.
But relying on people like the "office professionals" in my family to
comprehend the mirror into a mirror concept is giving them way to much
credit. And even if they do correctly grasp the physical analogy and
take a moment to ponder the deep mysteries of how the virtual world
mimics the physical world. They are more likely to hit the power
button on the computer and reboot instead of trying to calmly diagnose
the problem and figure out which of the several mouse pointers in the
window is the real one and close the correct window.
Please reconsider implementing a check to prevent cascading by default.
An error dialog would be worse because its a perfect example of
"software blames users".
A dialog like this is basically saying "You fool! You can't do this!
What were you thinking?".
What does "loopback connections not allowed" say to someone who
doesn't really know what's going on ?
Your attempt to perform an operation without fully
understanding the consequences firmly places you
in the category of gibbering idiot.
Please do not attempt to try this again until you
have fully educated yourself on the following technical
There are much better ways of fixing problems like this than making
users feel stupid.
So, the problem here is that when you connect vncviewer to your
display, the viewer starts up maximised and creates a bewildering
series of nested displays.
First thing to consider - how do we design things so that users who
won't understand are less likely to do this? Currently, I don't think
its very easy to do fall into that trap - maybe if you copied and
pasted the command from the preferences dialog into the run dialog,
but if you're capable of doing that, you're probably capable of
figuring out what happened and you're unlikely to have ignore the
"Users can view *your* desktop using this command" label above the
Second thing to consider - how do we design things such that things
are less bewildering if users do this. I can think of a few ideas:
1) If the window was initially a much smaller size, the mirror
in mirror effect would be much more obvious and much less
Problem here is that when you want to use vncviewer for real,
you *do* want the window to be large.
2) You could perhaps popup an explantory dialog before displaying
the main window:
You are about to see something very confusing!
[ ] Do not warn me again
[No, Don't Confuse Me!] [View Anyway]
However, its well understood that people tend to ignore dialogs
like this and you're much better off making your interface
easily learnable to begin with.
I don't really like either of these solutions and I don't think its
terribly easy for someone to get themself in this situation, so I'm
not overly concerned right now.
Okay, I think I've explained my rationale here. Closing