Security Gap: Insecure VNC Command in Official Docs, Default Setting Allows Session Hijacking
A recent security gap analysis has uncovered two low-severity but consequential configuration flaws in a VNC (Virtual Network Computing) setup. The first is an insecure command example in the official troubleshooting documentation, which would reintroduce a known vulnerability if followed. The second is a default template setting that allows multiple simultaneous VNC client connections, creating a window for session hijacking and unauthorized observation.
The two findings are as follows. The file `docs/guides/vision-vnc-ui-testing.md` contains an old, insecure command line example instructing users to disable security types (`-SecurityTypes None`). Separately, the configuration template `vnc-config.j2` sets `AlwaysShared=1` by default. This setting permits multiple clients to connect to the same VNC session concurrently, so an attacker who gains access could monitor or interfere with an active user's session without forcing a disconnection.
These issues were identified during a follow-up review of a previous security hardening effort (issue #1939). The proposed fixes are straightforward: update the documentation to show the secure command using `-SecurityTypes VncAuth,TLSVnc`, and change the `AlwaysShared` parameter default to `0` or make it configurable with a secure default. While classified as low-severity, these oversights highlight how residual insecure defaults and outdated documentation can persist even after core security patches, leaving operational blind spots that could be exploited.
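As an added illustration (not code from the project or the review described here), the following Python audit parses a rendered VNC config and a server launch command line, and reports the two weak settings named above: a truthy `AlwaysShared` and a `SecurityTypes` list that admits an unauthenticated type. Parameter syntax follows TigerVNC conventions (`-Param value`, `-Param=value`, bare boolean `-Param`), and all sample inputs are constructed.

```python
import shlex

# Constructed samples (not the project's files): the weak template output and the
# hardened one, plus the documented weak command beside its secure replacement.
WEAK_CONFIG = "geometry=1280x800\nAlwaysShared=1\nSecurityTypes=VncAuth,TLSVnc\n"
HARDENED_CONFIG = "geometry=1280x800\nAlwaysShared=0\nSecurityTypes=VncAuth,TLSVnc\n"
WEAK_CMD = "Xvnc :1 -SecurityTypes None -AlwaysShared"
SAFE_CMD = "Xvnc :1 -SecurityTypes VncAuth,TLSVnc -AlwaysShared=0"

UNAUTHENTICATED_TYPES = {"none", "tlsnone", "x509none"}  # TigerVNC types with no client auth
TRUE_VALUES = {"1", "yes", "true", "on"}


def parse_config(text):
    """Parse key=value lines of a rendered vnc config into a lowercase-keyed dict."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip().lower()] = value.strip()
    return settings


def parse_command(cmd):
    """Map `-Param value` / `-Param=value` / bare `-Param` (boolean, = 1) to the same dict."""
    settings, tokens, i = {}, shlex.split(cmd), 0
    while i < len(tokens):
        tok = tokens[i]
        i += 1
        if not tok.startswith("-"):
            continue  # program name, display number, etc.
        name = tok.lstrip("-")
        if "=" in name:
            name, value = name.split("=", 1)
        elif i < len(tokens) and not tokens[i].startswith("-"):
            value, i = tokens[i], i + 1
        else:
            value = "1"
        settings[name.lower()] = value
    return settings


def audit(settings):
    """Return one finding per weak setting: shared sessions and unauthenticated security types."""
    findings = []
    if settings.get("alwaysshared", "0").strip().lower() in TRUE_VALUES:
        findings.append("AlwaysShared enabled: extra clients can join an active session")
    types = {t.strip().lower() for t in settings.get("securitytypes", "").split(",") if t.strip()}
    weak = sorted(types & UNAUTHENTICATED_TYPES)
    if weak:
        findings.append("SecurityTypes permits unauthenticated access: " + ",".join(weak))
    return findings
```

Running `audit(parse_config(...))` over the rendered template and `audit(parse_command(...))` over the documented command flags both gaps the review reported, and returns nothing for the hardened versions.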