[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] vnclisten for HVM vnc
On Wed, 2006-09-27 at 20:42 +0100, Daniel P. Berrange wrote: > On Wed, Sep 27, 2006 at 03:36:16PM -0400, Jeremy Katz wrote: > > On Sat, 2006-09-02 at 12:55 -0400, Jeremy Katz wrote: > > > Implement a 'vnclisten' option to limit the interface that the VNC > > > server from qemu listens on. This leaves the default behavior as > > > listening on all interfaces. > > > > > > Signed-off-by: Jeremy Katz <katzj@xxxxxxxxxx> > > > > danpb said something about this and it reminded me I never saw any > > feedback.... Bueller? :-) > > IMHO, we should only listen on 127.0.0.1 by default - particularly since > the Xen 3.0.3 release isn't going to have password authentication on the > VNC servers yet :-( It'll be all too easy for someone to turn on VNC > in the guest config & not realize they just opened themselves up to any > person on the network by default. That kind of default insecure behaviour > is best left in the Windows world I don't necessarily disagree, but changing the semantics like that felt a little bit ugly to me -- it definitely leads to a case where going from 3.0.2 -> 3.0.3 would break configurations users were actively using. Jeremy _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |