Re: [Xen-devel] [PATCH] vnclisten for HVM vnc

On Wed, Sep 27, 2006 at 03:36:16PM -0400, Jeremy Katz wrote:
> On Sat, 2006-09-02 at 12:55 -0400, Jeremy Katz wrote:
> > Implement a 'vnclisten' option to limit the interface that the VNC
> > server from qemu listens on.  This leaves the default behavior as
> > listening on all interfaces.
> > 
> > Signed-off-by: Jeremy Katz <katzj@xxxxxxxxxx>
> 
> danpb said something about this and it reminded me I never saw any
> feedback.... Bueller? :-)

IMHO, we should only listen on 127.0.0.1  by default - particularly since
the Xen 3.0.3 release isn't going to have password authentication on the
VNC servers yet :-(   It'll be all too easy for someone to turn on VNC
in the guest config & not realize they just opened themselves up to any
person on the network by default. That kind of default insecure behaviour 
is best left in the Windows world 

Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [Xen-devel] [PATCH] vnclisten for HVM vnc, Jeremy Katz

Next by Date:

Re: [Xen-devel] [PATCH] vnclisten for HVM vnc, Jeremy Katz

Previous by Thread:

Re: [Xen-devel] [PATCH] vnclisten for HVM vnc, Jeremy Katz

Next by Thread:

Re: [Xen-devel] [PATCH] vnclisten for HVM vnc, Jeremy Katz

Indexes:

[Date] [Thread] [Top] [All Lists]