From owner-freebsd-hackers Fri Oct 25 7:42:51 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1E47C37B404 for ; Fri, 25 Oct 2002 07:42:50 -0700 (PDT) Received: from mail.speakeasy.net (mail14.speakeasy.net [216.254.0.214]) by mx1.FreeBSD.org (Postfix) with ESMTP id A751C43E4A for ; Fri, 25 Oct 2002 07:42:49 -0700 (PDT) (envelope-from jhb@FreeBSD.org) Received: (qmail 29091 invoked from network); 25 Oct 2002 14:42:52 -0000 Received: from unknown (HELO server.baldwin.cx) ([216.27.160.63]) (envelope-sender ) by mail14.speakeasy.net (qmail-ldap-1.03) with DES-CBC3-SHA encrypted SMTP for ; 25 Oct 2002 14:42:52 -0000 Received: from laptop.baldwin.cx (gw1.twc.weather.com [216.133.140.1]) by server.baldwin.cx (8.12.6/8.12.6) with ESMTP id g9PEgln5075146; Fri, 25 Oct 2002 10:42:48 -0400 (EDT) (envelope-from jhb@FreeBSD.org) Message-ID: X-Mailer: XFMail 1.5.2 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <20021025083029.GA723@happy-idiot-talk.infracaninophi> Date: Fri, 25 Oct 2002 10:42:52 -0400 (EDT) From: John Baldwin To: Matthew Seaman Subject: Re: X11 display problem Cc: FreeBSD Hackers List Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 25-Oct-2002 Matthew Seaman wrote: > On Thu, Oct 24, 2002 at 06:52:32PM -0700, Kris Kennaway wrote: > >> --nolisten-tcp was added deliberately for security reasons: see the >> commit logs (it's also documented clearly at the top of the startx >> manpage). It sounds like an oversight that xdm doesn't do this; I've >> asked the XFree86 maintainer to investigate and make the corresponding >> change if necessary. > > As in: > > --- /usr/X11R6/lib/X11/xdm/Xservers.orig Fri Mar 22 18:30:32 2002 > +++ /usr/X11R6/lib/X11/xdm/Xservers Fri Oct 25 09:23:10 2002 > @@ -10,4 +10,4 @@ > # look like: > # XTerminalName:0 foreign > # > -:0 local /usr/X11R6/bin/X > +:0 local /usr/X11R6/bin/X -nolisten tcp > > A very good move indeed, IMHO. Would be nice if there could be a 'WITH_TCP' or some such option for the port to enable normal behavior for those people who aren't super paranoid. Having an uber-secure box doesn't do you any good if you can't use it to get actual work done. -- John Baldwin <>< http://www.FreeBSD.org/~jhb/ "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message