I wanted to try out Apple's Remote Desktop for kicks, so I enabled it in the Services Pane under Sharing, opened up port 5900 on the firewall, and set it only to allow access to one particular 'test' account - a standard user. I did not enable priviledges to delete files or change settings. I did set a password for a VNC client to control the screen.
I first tested it out using Chicken VNC as the client on my ibook (ARD was set up on my intel imac). Sure enough, Chicken VNC could access the 'test' account, but not the other accounts.
I then tested it out at work using Real VNC client on an XP box by forwarding port 5900 on my WAN ip to my private ip address on the imac. Sure enough, it worked from my job, but here's the question - it allowed access to other user accounts on the imac that I did not authorize access to in the ARD settings in the Services pane. Why would it allow access to these other accounts if I specifically blocked them by not checking them? This is making me leary of using VNC in the future.
I first tested it out using Chicken VNC as the client on my ibook (ARD was set up on my intel imac). Sure enough, Chicken VNC could access the 'test' account, but not the other accounts.
I then tested it out at work using Real VNC client on an XP box by forwarding port 5900 on my WAN ip to my private ip address on the imac. Sure enough, it worked from my job, but here's the question - it allowed access to other user accounts on the imac that I did not authorize access to in the ARD settings in the Services pane. Why would it allow access to these other accounts if I specifically blocked them by not checking them? This is making me leary of using VNC in the future.