Uh-oh, bad news: I just tested it, and looks like Xtigervnc does not check the owner/permissions of the password file at runtime, so if/when the /tmp/tigervnc.XXXXXX directory is removed, an attacker can hijack the VNC session by recreating the directory and password file (I did not test with other credential files, but presumably they work the same). So this is then also a security vulnerability.
** Information type changed from Public to Public Security

--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2088433

Title:
  Problems with tigervncserver copying credential files to /tmp

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2088433/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
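
The kind of runtime owner/permission check the comment above reports as missing, as an added example (not TigerVNC or Ubuntu code; `open_trusted_credential` and the `credcheck` demo directory are hypothetical names): the directory and file are opened without following symlinks, and owner and mode are verified on the opened handles rather than on the path.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not TigerVNC code: returns a read-only fd for
 * dir/name only if both belong to `owner` and grant nothing to group/other. */
int open_trusted_credential(const char *dir, const char *name, uid_t owner)
{
    struct stat st;
    int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (dfd < 0) return -1;
    /* fstat() the handle we hold, so a later swap of the path changes nothing. */
    if (fstat(dfd, &st) != 0 || st.st_uid != owner || (st.st_mode & 077)) {
        close(dfd);
        return -1;
    }
    int fd = openat(dfd, name, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    close(dfd);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != owner || (st.st_mode & 077)) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed demo. Result bits: 1 = private file accepted, 2 = wrong owner
 * rejected, 4 = 0644 file rejected, 8 = 0755 directory rejected. */
int demo(void)
{
    char dir[] = "/tmp/credcheck.XXXXXX";
    uid_t me = geteuid();
    int r = 0, fd;
    if (!mkdtemp(dir)) return -1;            /* created 0700, owned by us */
    int dfd = open(dir, O_RDONLY | O_DIRECTORY);
    int wfd = openat(dfd, "passwd", O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (dfd < 0 || wfd < 0) return -1;
    if ((fd = open_trusted_credential(dir, "passwd", me)) >= 0) { r |= 1; close(fd); }
    if (open_trusted_credential(dir, "passwd", me + 1) < 0) r |= 2;
    fchmod(wfd, 0644);                       /* file readable by others */
    if (open_trusted_credential(dir, "passwd", me) < 0) r |= 4;
    fchmod(wfd, 0600); fchmod(dfd, 0755);    /* directory open to others */
    if (open_trusted_credential(dir, "passwd", me) < 0) r |= 8;
    unlinkat(dfd, "passwd", 0); close(wfd); close(dfd); rmdir(dir);
    return r;
}
int main(void) { return demo() == 15 ? 0 : 1; }
```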