[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: wdm & security

On Fri, 25 May 2001, Steve wrote:

>"Ed" == Ed Street <blacknet@phenixcable.net> writes:
>> Hello, If memory serves me correctly there's a line in /etc/X11 that
>> you can add/modify to tell it to NOT lissen.
>  startx -- -nolisten tcp
>will have the effect.  However, there doesn't seem to be a global
>setting that will enforce it system-wide, short of aliasing startx to
>that command.
>When some X11 vulnerabilities were found in this area last year, the
>reporter suggested that desktop installs of X11 systems should enable
>this option as default.  This would be nice to see added to debian, if
>only as part of the perennially-discussed task-harden.  Doesn't even
>effect remote xsessions, as you should be using ssh to tunnel your
>sessions anyway.

You don't read the debconf warnings much, do you?  xserver-* has been
warning potential installers that it doesn't listen on TCP for about a
year now if memory serves...

>To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
>with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


You have paid nothing for the preceding, therefore it's worth every penny
you've paid for it: if you did pay for it, might I remind you of the
immortal words of Phineas Taylor Barnum regarding fools and money?

Who is John Galt?  galt@inconnu.isu.edu, that's who!

Reply to: