Fix for x11vnc running without password w/fl_teachertool

[Robert Arkiletian]

On 9/7/07, Jim Kronebusch <jim at winonacotter.org> wrote:
> I posted this on the other thread but I want to be sure this is noticed by anyone who
> installed fl_teachertool.  There was a bug that x11vnc was starting up on the clients
> without the need for a password and any user on the network could scan/find a client and
> control without any authentication.  The fix is very easy.  Since Robert's instructions
> already had us copy the .vnc/passwd file to /opt/ltsp/i386/root/.vnc/passwd we only need
> to make one change to fix things.  In /opt/ltsp/i386/etc/rc.local make the line to start
> x11vnc read like so:
>
> x11vnc -display :6 -rfbauth /root/.vnc/passwd -forever -shared -loop &
>

Thanks Jim. That's what I was trying to do last night. Perfect.


> Then reboot your clients and all will be well.  I didn't test this with the Broadcast or
> Spotlight features, but as it works with mOnitor and Control I assume things will work
> just fine.

Broadcasting/Spotlight is not really a security issue. I assume nobody
is going to put anything important into /home/vncuser. Basically,
vncuser is a dummy user that is only used to start the vnc4server
which everyone connects to through vncreflector (without passwords).
So I'm assuming vncuser is not a real account for a person. I had to
do it this way because of the method to start vnc4server. In k12ltsp
it was different. Xinetd started a vnc server (run as nobody) with a
login window connecting with xdmcp. But Edubuntu does not have this
default behavior. One thing I can do is kill the vnc4server process
upon exit of fl_teachertool. So one can only connect to vncuser while
fl_teachertool is broadcasting.

-- 
Robert Arkiletian
Eric Hamber Secondary, Vancouver, Canada
Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/
C++ GUI tutorial http://www3.telus.net/public/robark/