Bug 165334 - VNC -localhost should be default
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: vnc
Version: 4
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Assigned To: Tim Waugh
QA Contact: David Lawrence
Keywords: Security
Blocks: FC5Target

Reported: 2005-08-07 23:26 EDT by Jonathan S. Shapiro
Modified: 2007-11-30 17:11 EST
Fixed In Version: 4.1.1-16
Doc Type: Bug Fix
Last Closed: 2005-08-11 07:30:31 EDT
Description Jonathan S. Shapiro 2005-08-07 23:26:51 EDT
In the absence of a firewall, the default VNC execution mode is insecure. It
encourages transmission of passwords in the clear over the local net. Therefore,
the -localhost option should be the default.

In the presence of a firewall, either the customer punches an insecure hole for
VNC leading to disclosed passwords, or they use ssh tunneling, in which case
having the -localhost default suffices.

In either case, -localhost should be the default mode of operation.

On another note, would RedHat integrate an OpenSSL/StartTLS patch if I could dig
one up?
Comment 1 Tim Waugh 2005-08-08 06:08:06 EDT
I tend to agree, although it seems to be hard enough already for people to get
VNC working what with one thing and another.  I certainly think it should be
mentioned in the example in /etc/sysconfig/vncservers.

Not sure about OpenSSL -- if you file the patch in a separate bug report I'll
take a look.

It would be great if vino could support secure connections out of the box: I
think that's probably what most new users use first.
Comment 2 Jonathan S. Shapiro 2005-08-11 11:10:31 EDT
Pardon a silly question, but just in case...

I do not *recall* any command line option to vncserver that would be equivalent
to -remotehost. If -localhost becomes the default, then we may need to add a new
option to allow remote connections to be enabled.

And if we do *that*, we need a global configuration file option to prohibit its use.

No urgency, and I think this can wait to see if there is pushback, but I wanted
to have it in the record...
Comment 3 Tim Waugh 2005-08-11 11:14:19 EDT
As I hinted in comment #1 (but perhaps did not make explicit), we will add the
'-localhost' option to the example in the sysconfig file, but the default
behaviour of Xvnc will be unchanged.
Comment 4 Jonathan S. Shapiro 2005-08-11 11:16:58 EDT
I understand why this is the right fix from your perspective, but can you tell
me if there is a way to push the RFE upstream? Does RealVNC have a method for
accepting bug requests?
Comment 5 Tim Waugh 2005-08-11 11:29:46 EDT
The best thing to do is send email to the vnc-list mailing list I think.
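
An added example, not part of the bug report or the vnc package: a shell check that reads `ss -ltn` output and reports any VNC display listening on a non-loopback address, the exposure the -localhost option discussed above is meant to prevent. It assumes display :N listens on TCP port 5900+N (displays :0 to :99); the function name and the sample socket lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag VNC listeners that are reachable from the network.
# Assumption: Xvnc display :N listens on TCP port 5900+N, displays :0-:99.

# Reads `ss -ltn` style lines on stdin, prints one line per VNC port bound
# to a non-loopback address, and returns 1 if any were found.
exposed_vnc_listeners() {
    awk '
    $1 == "LISTEN" {
        ep = $4                               # local address:port column
        n = split(ep, parts, ":")
        port = parts[n] + 0
        addr = substr(ep, 1, length(ep) - length(parts[n]) - 1)
        if (port < 5900 || port > 5999) next  # not a VNC display port
        # Loopback-only listeners are not reachable from the network; skip.
        if (addr ~ /^127\./ || addr == "[::1]" || addr ~ /^\[::ffff:127\./) next
        printf "display :%d exposed on %s port %d\n", port - 5900, addr, port
        found = 1
    }
    END { exit (found ? 1 : 0) }'
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS_OUTPUT='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      5          127.0.0.1:5901      0.0.0.0:*
LISTEN 0      5            0.0.0.0:5902      0.0.0.0:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      5              [::1]:5901         [::]:*
LISTEN 0      5               [::]:5903         [::]:*'

# On a live host: ss -ltn | exposed_vnc_listeners
printf '%s\n' "$SAMPLE_SS_OUTPUT" | exposed_vnc_listeners ||
    echo "VNC is listening beyond loopback; add -localhost and tunnel over ssh"
```

The nonzero exit status makes the function usable from cron or a configuration-compliance job as well as interactively.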
