X server security enhancement (?): "-nolisten tcp"

To: debian-devel@lists.debian.org (Debian Development)
Subject: X server security enhancement (?): "-nolisten tcp"
From: amos@gezernet.co.il (Amos Shapira)
Date: Sun, 22 Nov 1998 21:56:42 +0200
Message-id: <"rfkIiC.A.3dF.uxGW2"@murphy>

Hello,

At least in my case, my desktop machine's X server shouldn't interest
anyone else on the Internet (I login to it remotely sometimes, using
ssh, and I access its resident web pages, but I never had to use an X
application from outside my machine), and I suspect that most people's
servers might be the same.  Would you consider to add a "-nolisten
tcp" flag as a default configuration?

When I previously suggested to disable rsh/rexec/rlogin/finger and
their likes as default services my suggestion was shot down by the
claim that these are essential for people to troubleshoot their
servers remotely, does anyone think this argument is valid for X as
well?

Cheers,

--Amos

--Amos Shapira                    | "Of course Australia was marked for
133 Shlomo Ben-Yosef st.          |  glory, for its people had been chosen
Jerusalem 93 805                  |  by the finest judges in England."
ISRAEL       amos@gezernet.co.il  |                     -- Anonymous

Reply to:

Follow-Ups:
- Re: X server security enhancement (?): "-nolisten tcp"
  - From: Elie Rosenblum <fnord@jurai.net>

Prev by Date: Re: glibc recompiling was Re: libc resolver problem solved (critical bug)
Next by Date: Re: X server security enhancement (?): "-nolisten tcp"
Previous by thread: Re: glibc locale trouble
Next by thread: Re: X server security enhancement (?): "-nolisten tcp"
Index(es):
- Date
- Thread