[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#654924: [Pkg-tigervnc-devel] Bug#654924: Re: Helping with tigervnc 1.5.0

Hi Martin

Good point about the depth. I guess we should consider that.

Regarding -localhost, yes that is a good security practice. On the other hand this is nothing that is started by default, it is always started by a human (or a human writing a script for it) so it is not a very important thing.

However there are plenty of use-cases for connecting to local host. You can run applications in a chroot, you can have a different desktop session as another user in the vnc server, you can have that server running there with more important tasks that must survive in case you have to restart your desktop session and so on. So there are plenty of use-cases. However they may not be the most common ones of course.

// Ola

On Wed, May 25, 2016 at 7:43 AM, Martin Dorey <Martin.Dorey@hds.com> wrote:
I'm concerned why /etc/vnc.conf and /usr/bin/tigervncserver set a depth of 32.  Per man Xtigervnc, that will cause problems for applications, problems that I've just described in a little more detail at http://stackoverflow.com/a/37428300/18096.  I think it should be 24, a setting which doesn't prevent applications from using transparency.

I'm also mildly bemused as to why /usr/bin/tigervncserver's default for -localhost is yes, again unlike the default for the underlying Xtigervnc.  I can imagine there being an argument that default security should be locked down.  Perhaps I'm just lacking in imagination as to why I might want to connect to localhost.

> Getting the llvmpipe part to work was a challenge.  I failed on the first system I tried, which had an nvidia :0.

In the perhaps unlikely event that there's anyone in the same boat, I succeeded with:

sudo update-alternatives --set glx /usr/lib/mesa-diverted
sudo update-initramfs -u

... though I eventually went into production setting this before starting tigervncserver:

LD_LIBRARY_PATH=/usr/lib/mesa-diverted/x86_64-linux-gnu:$LD_LIBRARY_PATH

_______________________________________________
Pkg-tigervnc-devel mailing list
Pkg-tigervnc-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-tigervnc-devel



--
 --------------------- Ola Lundqvist ---------------------------
/  opal@debian.org                     Folkebogatan 26          \
|  ola@inguza.com                      654 68 KARLSTAD          |
|  http://inguza.com/                  +46 (0)70-332 1551       |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36  4FE4 18A1 B1CF 0FE5 3DD9 /
 ---------------------------------------------------------------

Reply to: