From owner-freebsd-gnome@FreeBSD.ORG Sat Oct 9 14:30:07 2004 Return-Path: Delivered-To: freebsd-gnome@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B3F4916A4CE for ; Sat, 9 Oct 2004 14:30:07 +0000 (GMT) Received: from smtp2.jazztel.es (smtp2.jazztel.es [62.14.3.162]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4CDDE43D46 for ; Sat, 9 Oct 2004 14:30:07 +0000 (GMT) (envelope-from josemi@freebsd.jazztel.es) Received: from antivirus by smtp2.jazztel.es with antivirus id 1CGIET-0002jc-00 Sat, 09 Oct 2004 16:30:01 +0200 Received: from [212.106.255.193] (helo=rguez.homeunix.net) by smtp2.jazztel.es with esmtp id 1CGIET-0002jC-00 Sat, 09 Oct 2004 16:30:01 +0200 Received: from redesjm.local (orion.redesjm.local [192.168.254.16]) by rguez.homeunix.net (8.13.1/8.13.1) with ESMTP id i99EU4DI095333; Sat, 9 Oct 2004 16:30:04 +0200 (CEST) (envelope-from josemi@freebsd.jazztel.es) Received: from localhost (localhost [[UNIX: localhost]]) by redesjm.local (8.13.1/8.13.1/Submit) id i99EU3rr000863; Sat, 9 Oct 2004 16:30:03 +0200 (CEST) (envelope-from josemi@freebsd.jazztel.es) X-Authentication-Warning: orion.redesjm.local: freebsd set sender to josemi@freebsd.jazztel.es using -f From: Jose M Rodriguez To: Randy Bush Date: Sat, 9 Oct 2004 16:30:03 +0200 User-Agent: KMail/1.7 References: <4166D58D.6020305@ev.net> <200410091555.07963.josemi@freebsd.jazztel.es> <16743.61876.660465.143923@ran.psg.com> In-Reply-To: <16743.61876.660465.143923@ran.psg.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200410091630.03594.josemi@freebsd.jazztel.es> X-AntiVirus: checked by AntiVir Milter 1.1-beta; AVE 6.27.0.12; VDF 6.27.0.81 (host: antares.redesjm.local) X-Virus-Scanned: by antivirus cc: freebsd-gnome@freebsd.org Subject: Re: Gnome2 hangs on startup X-BeenThere: freebsd-gnome@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GNOME for FreeBSD -- porting and maintaining List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Oct 2004 14:30:07 -0000 El S=E1bado, 9 de Octubre de 2004 16:12, Randy Bush escribi=F3: > >>> It's in our FAQ: http://www.freebsd.org/gnome/docs/faq2.html#q20 > >> > >> it all looks reasonable until one gets to > >> Fam also requires that portmapper is running. Add the > >> appropriate entry to /etc/rc.conf: > >> due to long, and possibly outdated, training in security paranoia, > >> i just can't bring myself to enable portmapper. > >> do i need re-education, or should i hope that this can be changed > >> in the future? > > > > Ah. You have problems with inetd/rpcbind/fam security in a machine > > that runs X. What special security enabled version of X are you > > using? > > engineering is, among other things, compromise. and security is > never absolute. i am willing to accept the risks of X in exchange > for the benefits, which are considerable. last i talked to > security friends, portmapper had fewer benefits and greater risks. > > ymmv; i do have friends that still use screen. > > if portmapper's risks have been significantly reduced, plese send > clue. otherwise, discussing other security issues would seem to be > a red herring. > > randy None have request you to activate fam, rpcbind or inetd. Only have a=20 valid entry for your host in the resolver or not activate blackhole=20 operation. =2D- josemi