From owner-freebsd-mobile  Tue Nov 13 13:35:59 2001
Delivered-To: freebsd-mobile@freebsd.org
Received: from bunrab.catwhisker.org (adsl-63-193-123-122.dsl.snfc21.pacbell.net [63.193.123.122])
	by hub.freebsd.org (Postfix) with ESMTP id 5AECD37B41B
	for <mobile@FreeBSD.ORG>; Tue, 13 Nov 2001 13:35:54 -0800 (PST)
Received: (from david@localhost)
	by bunrab.catwhisker.org (8.11.6/8.11.6) id fADLZna29979
	for mobile@FreeBSD.ORG; Tue, 13 Nov 2001 13:35:49 -0800 (PST)
	(envelope-from david)
Date: Tue, 13 Nov 2001 13:35:49 -0800 (PST)
From: David Wolfskill <david@catwhisker.org>
Message-Id: <200111132135.fADLZna29979@bunrab.catwhisker.org>
To: mobile@FreeBSD.ORG
Subject: Re: X and DHCP
In-Reply-To: <XFMail.20011114063932.doconnor@gsoft.com.au>
Sender: owner-freebsd-mobile@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-mobile.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-mobile>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-mobile>
X-Loop: FreeBSD.org

>Date: Wed, 14 Nov 2001 06:39:32 +1030 (CST)
>From: "Daniel O'Connor" <doconnor@gsoft.com.au>

>On 13-Nov-2001 Kevin Oberman wrote:
>> > Kind of sucks from a security perspective though.

>>  I'd like to state this far more strongly. I sucks huge rocks from a
>>  security perspective if you are on a multiuser system....

>But if you are using a laptop it is probably totally irrelevant.

With all due respect, I fail to see how the form factor of the system is
of any relevance to the issue:  the system is still a mutli-user
networked machine, and services that may be accessed via the network may
well be vectors for exploits.

>BTW the number of people using startx (which defaults to xhost authentication)
>is quite large :(

I'm willing to believe that, though it isn't justification for considering
the behavior in question as desirable.

Indeed, by using xdm, I was able to make use of ssh-agent, and thus make
ssh very easy to use -- yes, from my laptop.  And good security that is
easy to use is a Very Good Thing.

Cheers,
david
-- 
David H. Wolfskill				david@catwhisker.org
As a computing professional, I believe it would be unethical for me to
advise, recommend, or support the use (save possibly for personal
amusement) of any product that is or depends on any Microsoft product.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-mobile" in the body of the message