From owner-freebsd-gnome@FreeBSD.ORG  Sat Oct  9 14:12:06 2004
Return-Path: <owner-freebsd-gnome@FreeBSD.ORG>
Delivered-To: freebsd-gnome@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id F295416A4CE
	for <freebsd-gnome@freebsd.org>; Sat,  9 Oct 2004 14:12:05 +0000 (GMT)
Received: from ran.psg.com (ip192.186.dsl-acs2.seawa0.iinet.com
	[209.20.186.192])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C053843D2D
	for <freebsd-gnome@freebsd.org>;
	Sat,  9 Oct 2004 14:12:05 +0000 (GMT)	(envelope-from randy@psg.com)
Received: from localhost ([127.0.0.1] helo=ran.psg.com.psg.com)
	by ran.psg.com with esmtp (Exim 4.34 (FreeBSD))
	id 1CGHx7-000Jal-8c; Sat, 09 Oct 2004 07:12:05 -0700
From: Randy Bush <randy@psg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <16743.61876.660465.143923@ran.psg.com>
Date: Sat, 9 Oct 2004 07:12:04 -0700
To: Jose M Rodriguez <josemi@freebsd.jazztel.es>
References: <4166D58D.6020305@ev.net>
	<opsfkp4emw9aq2h7@mezz.mezzweb.com>
	<16743.60507.600537.599188@ran.psg.com>
	<200410091555.07963.josemi@freebsd.jazztel.es>
cc: freebsd-gnome@freebsd.org
Subject: Re: Gnome2 hangs on startup
X-BeenThere: freebsd-gnome@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: GNOME for FreeBSD -- porting and maintaining
	<freebsd-gnome.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-gnome>,
	<mailto:freebsd-gnome-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-gnome>
List-Post: <mailto:freebsd-gnome@freebsd.org>
List-Help: <mailto:freebsd-gnome-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-gnome>,
	<mailto:freebsd-gnome-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Oct 2004 14:12:06 -0000

>>> It's in our FAQ: http://www.freebsd.org/gnome/docs/faq2.html#q20
>> it all looks reasonable until one gets to
>>     Fam also requires that portmapper is running.  Add the
>>     appropriate entry to /etc/rc.conf:
>> due to long, and possibly outdated, training in security paranoia,
>> i just can't bring myself to enable portmapper.
>> do i need re-education, or should i hope that this can be changed
>> in the future?
> Ah.  You have problems with inetd/rpcbind/fam security in a machine that 
> runs X.  What special security enabled version of X are you using?

engineering is, among other things, compromise.  and security is
never absolute.  i am willing to accept the risks of X in exchange
for the benefits, which are considerable.  last i talked to
security friends, portmapper had fewer benefits and greater risks.

ymmv; i do have friends that still use screen.

if portmapper's risks have been significantly reduced, plese send
clue.  otherwise, discussing other security issues would seem to be
a red herring.

randy