Ticket #1960 (closed defect: fixed)
VboxHeadless ignores "<RemoteDisplay enabled="false" ..." => Fixed in 1.6.6
|Reported by:||leoniman||Owned by:|
Ubuntu desktop 8.04.1, VirtualBox 1.6.4 AMD64.
I have a VM which contains:
<RemoteDisplay enabled="false" port="3901" authType="Null" authTimeout="5000"/>
I.e. the VRDP server is configured but not enabled. I start this VM with VBoxHealess and the VRDP is remotely accessible even if I disabled it. I think this is a security problem because with VBoxHeadless I have no way to prohibit remote connection (and currently the external Authentication has problems causing segmentation faults).
IMHO the VBoxHeadless should respect enable/disable as stated in VM conf, and eventually override it only in case the listening port is specified on VBoxHeadless command line (or via explicit option).
- Summary changed from VboxHeadless ignores "<RemoteDisplay enabled="false" ..." to VboxHeadless ignores "<RemoteDisplay enabled="false" ..." => Fixed in 1.6.6