Re: Vino (desktop sharing) seems to be rather unsecure. Should I submit a bug?
My understanding is that vino is disabled by default. However, it does seem to be perilously easy to enable. I don't understand why it's installed by default, and if I'm doing an installation from a liveCD (not all that often these days), it's one of the first applications I remove.
A few years back I tried bringing this point to the attention of the developers, but got dismissed rather rapidly. I'm not sure what it would take for them to consider that maybe it's a serious problem.
Certainly, vino and ssh are the two commonest breaches we see in this sub-forum.
BACKUPS are unsexy — until you discover you should have done one yesterday.
Spare your nerves and do one before you upgrade or install.
Bookmarks