[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to reduce sid security

Quoting Boyd Moore (tbmoore@bealenet.com):

> Well I did have rlogin, that is it points to netkit-rlogin.  I finally
> got rsh to work by commenting out the ALL: PARANOID line in
> hosts.deny.  I thought that the  hosts.allow overrode the hosts.deny,
> but apparently they have reversed the priority.

hosts.allow is consulted first, so if hosts.deny makes any difference
at all, then hosts.allow didn't provide a match. The first match is
all that matters.

(Overriding depends on reading to the end of all the files and then
taking the last match. It doesn't happen here.)

> Now rsh, rlogin, etc.
> works, but still not remote X windows.
> I have gone through the xauth routine to make sure the .Xauthority
> files are the same for the same user on both hosts.  And I have set
> the xhost + on both machines, but I always get the "Can't open display
> ..." message.

/etc/X11/xinit/xserverrc contains -nolisten tcp
in the default Debian configuration which prevents port
6000 (or is it 6001, it's so long ago...) from being
opened. netstat should confirm this.


Email:  d.wright@open.ac.uk   Tel: +44 1908 653 739  Fax: +44 1908 655 151
Snail:  David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA
Disclaimer:   These addresses are only for reaching me, and do not signify
official stationery. Views expressed here are either my own or plagiarised.

Reply to: