Prevent users from sending windows(xterm, gvim, ..) to my VNC display

About

Asked 17/5, 2016 at 3:56 Answered 9/2, 2017 at 7:35

Solved linux x11 vnc vnc-server vnc-viewer

VNC allows any user to send their windows like xterm, gvim, .. to any other user's VNC, using -display option of command or by setting my VNC display in DISPLAY variable.

Some users exploiting this feature and keep on sending xterms to my VNC. Is there any way where I can completely disable or selective allow other users?

My viewer details:

VNC Viewer 5.2.1 (r5668) 32-bit(Aug 18 2014 12:58:45) from RealVNC

I am looking for some options provided by this viewer/other to achieve this

Sunrise answered 17/5, 2016 at 3:56 Comment(7)

That has nothing to do with VNC. It's how X11 works. – Orabelle 8/2, 2017 at 6:39

This has nothing to do with programming. Voting to move. – Aulic 8/2, 2017 at 6:53

@n.m. Yes, it's not related to programming. Please move it to correct StackExchange – Sunrise 8/2, 2017 at 7:9

The command you're looking for is xhost. Read the manual page to understand how it works. It (dis)allows users or hosts to connect to your display. – Cornish 8/2, 2017 at 10:31

@Cornish Yes. When I do xhost -. Other users unable to send xterm to my VNC. Please post as an answer & elaborate on allowing other users selectively. – Sunrise 9/2, 2017 at 3:53

@BhargavKatkam I posted my answer here https://mcmap.net/q/1785647/-prevent-users-from-sending-windows-xterm-gvim-to-my-vnc-display – Cornish 9/2, 2017 at 7:36

Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See What topics can I ask about here in the Help Center. Perhaps Super User or Unix & Linux Stack Exchange would be a better place to ask. Also see Where do I post questions about Dev Ops? – Mocambique 10/2, 2017 at 15:31

The command you're looking for is xhost. xhost allows you to control access to your X environment and $DISPLAY. In your case, the default is probably "no access control" or xhost +.

By specifying xhost - you will disallow everyone (excluding yourself) access to your current $DISPLAY. Other users won't be able to run commands on your $DISPLAY anymore.

You can selectively add (or remove) users and/or machines from the access list, with xhost +si:localuser:username or xhost +otherhost. For more information on the si: syntax, please see the Xsecurity manual.

Cornish answered 9/2, 2017 at 7:35 Comment(2)

Though I have added xhost +si:localuser:<user>. <user> is unable to send xterm to my display. But if I add xhost <host>, <user> can send now – Sunrise 9/2, 2017 at 8:1

Is there any other way to allow users selectively? Also, where does xhost store these entries? – Sunrise 10/2, 2017 at 4:14

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags