[Security] Nearly had heart attack ! :-O
John McCabe-Dansted
gmatht at gmail.com
Fri Mar 16 12:45:31 GMT 2007
On 3/15/07, Vincent Trouilliez <vincent.trouilliez at modulonet.fr> wrote:
> Hu ?! Really ? I am glad to hear that :o)
> However on my box it was all wide opened.
> Hmm, it's probably because I use a separate /home partition, even on
> when testing the development versions of Ubuntu. I must have played
> with that functionality just once, years ago, had forgotten about it,
> but Gconf didn't forget ! ;-)
> I am glad to hear it's secure by default then, phew.
It still sounds worrying. I don't think the GUI should allow the user
to set a weak password in conjunction with no user prompt before
giving the remote user access. Even in a "trusted" network you
probably don't want every user and their malware to be able to take
over your desktop. (Also number of allowed connect attempts should
probably be limited if it isn't already, especially if Ubuntu asks the
user each time someone attempts to connect).
--
John C. McCabe-Dansted
PhD Student
University of Western Australia
More information about the sounder
mailing list