wdm & security

To: <debian-security@lists.debian.org>
Subject: wdm & security
From: Juha Jäykkä <juolja@utu.fi>
Date: Thu, 24 May 2001 13:53:46 +0300 (EET DST)
Message-id: <Pine.SOL.4.30.0105241342460.14463-100000@alya.utu.fi>

  I am a little concerned about XFree86+wdm keeping a bunch of
processes listening on port 32768. (wdm is the windowmaker xdm
replacement.) According to lsof -i TCP, there are a number of
processes listening on the port. When using X, I accept the obvious
port 6000 being open for inbound connections and I believe XFree is
secure enough with it (I only allow local logged-in user from
localhost to contact to my X server) but what is this wdm doing
listening on 32768? nmap says it's an unknown port and /etc/services
does not recognise it. IANA seems to recognise the port as
filenet-tms     32768/tcp  Filenet TMS
filenet-tms     32768/udp  Filenet TMS
but I have no idea what "Filenet TMS" is. I am a little at a loss with
this. Should I trash wdm or what? It's a little sad thing to do since
it allows me to choose a window manager at login time, something xdm
does not do (at least didn't last time I checked).
  For what it's worth, my wdm is Version: 1.20-5, from unstable. The
newest seems to be 1.20-10, but I am in a habit of upgrading unstable
stuff only if there is a problem/security issue. (Because things
sometimes break, like alsa-utils was broken last week.)

-- 
		 -----------------------------------------------
		| Juha Jäykkä, juolja@utu.fi			|
		| home: http://www.utu.fi/~juolja/		|
		 -----------------------------------------------

Reply to:

Follow-Ups:
- Re: wdm & security
  - From: "Noah L. Meyerhans" <frodo@morgul.net>

Prev by Date: Re: strange log entry
Next by Date: Re: strange log entry
Previous by thread: Re: strange log entry
Next by thread: Re: wdm & security
Index(es):
- Date
- Thread