[pve-devel] new vnc 1.2 works fine now with http://fqdn....

Dietmar Maurer dietmar at proxmox.com
Sun Apr 21 09:59:44 CEST 2013


Would it be better if you use java webstart? Is that considered safer?

> > You miss the point. Once you accept a digitally signed applet from a
> > specific source you have forever accepted any applet signed with this
> > certificate regardless of the server sending it to you to run on your
> > computer with full access. If the user also have answered yes to run
> > this applet every time there will be no warning the next time an
> > applet signed with the same certificate wants to run on the users computer
> regardless of the applets point of origin.
> 
> No, I do not miss the point. I do not say that this is particularly good, but it is not
> really worse than an locally installed application with 'auto-update' feature.
> I am always scared when I see what my printer driver software is doing ;-)
> 
> Besides, I do not understand why oracle choose such defaults. I guess it would
> be much safer to only allow specific applets.



More information about the pve-devel mailing list