Re: wdm & security
On Thu, 24 May 2001, Noah L. Meyerhans wrote:
> Interestingly enough, a quick find/grep traversal of the wdm source
> indicates that the only code for setting up network listeners comes
> directly from the xdm sources without modification at all. That implies
> to me that the listener on port 32768 should be as safe as the standard
> xdm listener on port 6000. But I still don't see why it's there.
>
> > this. Should I trash wdm or what? It's a little sad thing to do since
> > it allows me to choose a window manager at login time, something xdm
> > does not do (at least didn't last time I checked).
>
> I would not trash wdm just yet. Let me take a look. If you're
> concerned, you might want to firewall that port using ipchains or
> iptables.
I'm running an local-modified wdm-version here. (Mostly removed the
choosers on the start as they confuse my DAUs and use an quite changed
wmanager-chooser afterwards.
I also switched of the code in xdm for opening this port in source.
(There might also be a config-option for it, but I did not found it).
As I overlooked the code very quickly, it seems olny nessecary for
x-sessions on other computers, which is very rarly used nowadays and
nowhere in the local environment here.
Some config-option with debconf-question would be cool to have, when
someone make the week last 20 days I might send a patch, but univerity
uses all my time currently.
Hochachtungsvoll,
Bernhard R. Link
Reply to: