Security issue on noVNC
Hi, thanks for your great work and it is indeed awesome!
I would like to note that exposing noVNC without any authentication is dangerous, even when the port is only exposed to localhost manually. Since this is a Docker environment, suppose another Docker container has a vulnerability and an attacker gains access to it; the attacker can then easily take over the Windows container by simply accessing the noVNC port.
Possible solution:
Optional configuration: specify a username and password in the Docker YAML file or in a file in the shared folder. When the container starts, edit the Nginx configuration to add authentication.
Hi,
Thanks for the suggestion. However, adding password authentication via nginx would not really help, because all that viewer does is connect to the VNC port of QEMU, which has no password. And yes, it is possible to also set a password on the VNC port, but it's not very useful:
The VNC protocol has limited support for password based authentication. Since the protocol limits passwords to 8 characters it should not be considered to provide high security. The password can be fairly easily brute-forced by a client making repeat connections.
Also, you can connect via RDP without a password, so it's not just an issue with VNC currently. I did this to keep the container easy to use and because I do not expect people to use this container for anything really important, except for some short experiments.
If anyone wants to make it more secure, the simple solution is to change the Windows password for the Docker user. This will also prevent misuse of the VNC port, as you would not be able to use the viewer without logging in to Windows.
This isn't an issue, but I see there is an option to disable KVM with "KVM=N". Once the VM is set up, you could disable KVM and just use RDP, thus negating the VNC issue.
I can't get this working though.
Is this recommended, and how would I achieve this?
@ajb3932 I don't see how KVM has anything to do with it? That is just a method for hardware-accelerating CPU instructions; if you disable it, it has no influence on VNC at all (the only difference you will notice is that the machine runs slower).
If you want to disable VNC, you can set the flag DISPLAY: "disabled" in the compose file. But setting a Windows user password should already be sufficient to not have to do that.
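To make the two settings discussed in this thread concrete, here is an added compose example (written for this page; it is not the project's own compose file and not something either participant posted). Only the DISPLAY: "disabled" flag comes from the thread; the image name dockurr/windows, the VERSION variable, the /dev/kvm device, the NET_ADMIN capability and the port numbers 8006 (noVNC) and 3389 (RDP) are assumptions based on my recollection of the project's README, so check them against the compose file you actually run.

```yaml
# Added example, not from the dockur/windows project or from this thread.
# Assumed (not stated on the page): image name, VERSION value, /dev/kvm,
# NET_ADMIN, and the port numbers 8006 (noVNC) and 3389 (RDP).

# --- Weak variant: the default-style layout the reporter is warning about ---
# The noVNC web viewer is published and needs no credentials, so anything
# that can reach port 8006 (host processes, or another container on the
# same Docker network reaching the container IP directly) gets a console.
services:
  windows-exposed:
    image: dockurr/windows
    environment:
      VERSION: "win11"
    devices:
      - /dev/kvm
    cap_add:
      - NET_ADMIN
    ports:
      - "8006:8006"        # noVNC, unauthenticated, bound on all host interfaces
      - "3389:3389/tcp"    # RDP
      - "3389:3389/udp"

# --- Hardened variant: the maintainer's suggestion applied ---
# DISPLAY: "disabled" turns off the VNC display, so there is no viewer to
# expose; only RDP is published, and only on the host loopback address.
  windows-hardened:
    image: dockurr/windows
    environment:
      VERSION: "win11"
      DISPLAY: "disabled"  # flag named in the thread: no VNC / noVNC console
    devices:
      - /dev/kvm
    cap_add:
      - NET_ADMIN
    ports:
      - "127.0.0.1:3389:3389/tcp"  # RDP reachable from the host only
      - "127.0.0.1:3389:3389/udp"
      # port 8006 deliberately not published
```

Two caveats follow directly from the thread. First, publishing on 127.0.0.1 only restricts what the host's external interfaces expose; a compromised container on the same Docker network can still reach 3389 on the container's own IP, which is exactly the reporter's scenario, so the Windows user password the maintainer recommends is the control that actually matters. Second, the KVM=N setting discussed above has no bearing on any of this; leave KVM enabled and change only the DISPLAY flag and the published ports.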
Thanks, yes sorry for my ignorance. That helps a lot 😊