Re: [Xen-devel] ioemu: empty vnc passwd

[John Levon <levon@xxxxxxxxxxxxxxxxx>]

On Wed, Jan 23, 2008 at 05:43:38PM +0000, Daniel P. Berrange wrote:

> > Except on Solaris we don't have such a default - the user's forced to
> > set something (there doesn't seem to be even a vaguely secure default?)
> 
> There's no sane default for VNC passwords - whether you have on or not
> its still basically insecure due to design of the VNC auth, hence the
> config just defaults to '' & 127.0.0.1 which is as good as you'll get 
> for VNC over TCP. 

So the only sane default is "don't let it work at all", right? Which is
what we're doing.

> If we wanted a real secure out of the box setup, we'd need to make XenD 
> only expose the VNC server as a UNIX domain socket, so that access can
> be restricted to root.

Yep, like you mentioned on IRC.

> Of course no VNC client knows how to connect to a VNC 

But of course :) sigh.

> server over a UNIX domain socket directly. You can use netcat + ssh to
> tunnel to/from a remote host. I could also extend GTK-VNC & virt-manager
> and/or virt-viewer to support it pretty easily.

Both of those support the encryption extension already though, if I
understand it right - and that seems sane enough.

regards
john

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel