From 06987b1c0216429e6744bf5a2c306d0e6853f879 Mon Sep 17 00:00:00 2001
From: runge <runge@karlrunge.com>
Date: Fri, 18 Dec 2009 11:46:10 -0500
Subject: x11vnc: fix keycode and other remote control actions under        
 DIRECT: with an extra XFlush and other safety measures.        
 fflush(stderr) much in su_verify.  Make the -unixpw env. vars        
 UNIXPW_DISABLE_SSL and UNIXPW_DISABLE_LOCALHOST work correctly.         Make
 -loopbg actually imply -bg.

---
 x11vnc/x11vnc.1 | 33 ++++++++++++++++++---------------
 1 file changed, 18 insertions(+), 15 deletions(-)

(limited to 'x11vnc/x11vnc.1')

diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1
index f60842e..81f2af9 100644
--- a/x11vnc/x11vnc.1
+++ b/x11vnc/x11vnc.1
@@ -2,7 +2,7 @@
 .TH X11VNC "1" "December 2009" "x11vnc " "User Commands"
 .SH NAME
 x11vnc - allow VNC connections to real X11 displays
-         version: 0.9.9, lastmod: 2009-12-14
+         version: 0.9.9, lastmod: 2009-12-17
 .SH SYNOPSIS
 .B x11vnc
 [OPTION]...
@@ -1006,24 +1006,27 @@ To override the above restrictions you can set
 environment variables before starting x11vnc:
 .IP
 Set UNIXPW_DISABLE_SSL=1 to disable requiring either
-\fB-ssl\fR or \fB-stunnel.\fR  Evidently you will be using a
-different method to encrypt the data between the
-vncviewer and x11vnc: perhaps 
+\fB-ssl\fR or \fB-stunnel\fR (as under SSH_CONNECTION.)  Evidently
+you will be using a different method to encrypt the
+data between the vncviewer and x11vnc: perhaps 
 .IR ssh (1)
-or an IPSEC VPN.
-.IP
-Note that use of \fB-localhost\fR with 
-.IR ssh (1)
-is roughly
-the same as requiring a Unix user login (since a Unix
-password or the user's public key authentication is
-used by sshd on the machine where x11vnc runs and only
-local connections from that machine are accepted).
+or an IPSEC VPN. \fB-localhost\fR is still enforced (however,
+see the next paragraph.)
 .IP
 Set UNIXPW_DISABLE_LOCALHOST=1 to disable the \fB-localhost\fR
-requirement in Method 2).  One should never do this
+requirement in \fB-unixpw\fR modes.  One should never do this
 (i.e. allow the Unix passwords to be sniffed on the
-network.)
+network.)  This also disables the localhost requirement
+for reverse connections (see below.)
+.IP
+Note that use of \fB-localhost\fR with 
+.IR ssh (1)
+(and no \fB-unixpw)\fR
+is roughly the same as requiring a Unix user login
+(since a Unix password or the user's public key
+authentication is used by sshd on the machine where
+x11vnc runs and only local connections from that machine
+are accepted).
 .IP
 Regarding reverse connections (e.g. \fB-R\fR connect:host
 and \fB-connect\fR host), when the \fB-localhost\fR constraint is
-- 
cgit v1.2.3