From owner-freebsd-hackers Thu Apr 25 8:13: 3 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mail.rapidsite.net (mail.rapidsite.net [207.158.192.62]) by hub.freebsd.org (Postfix) with SMTP id 0A88837B42A for ; Thu, 25 Apr 2002 08:12:56 -0700 (PDT) Received: from r00.nat.boca.verio.net (208.55.254.110) by mail.rapidsite.net (RS ver 1.0.63s) with SMTP id 06516901; Thu, 25 Apr 2002 11:12:41 -0400 (EDT) Received: from shade.nectar.cc (shade.nectar.cc [127.0.0.1]) by shade.nectar.cc (8.12.3/8.12.3) with ESMTP id g3PFDf0i007853; Thu, 25 Apr 2002 10:13:41 -0500 (CDT) (envelope-from nectar@shade.nectar.cc) Received: (from nectar@localhost) by shade.nectar.cc (8.12.3/8.12.3/Submit) id g3PFDdSa007852; Thu, 25 Apr 2002 10:13:39 -0500 (CDT) Date: Thu, 25 Apr 2002 10:13:39 -0500 From: "Jacques A. Vidrine" To: "Greg 'groggy' Lehey" Cc: Robert Watson , Jordan Hubbard , Oscar Bonilla , Anthony Schneider , Mike Meyer , hackers@FreeBSD.org Subject: Re: Security through obscurity? (was: ssh + compiled-in SKEY support considered harmful?) Message-ID: <20020425151339.GB7802@shade.nectar.cc> References: <20020423131646.I6425@wantadilla.lemis.com> <20020424090655.O6425@wantadilla.lemis.com> <20020424122754.GC42969@madman.nectar.cc> <20020425120259.B79657@wantadilla.lemis.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020425120259.B79657@wantadilla.lemis.com> User-Agent: Mutt/1.3.28i X-Url: http://www.nectar.cc/ X-Loop-Detect: 1 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Apr 25, 2002 at 12:02:59PM +0930, Greg 'groggy' Lehey wrote: > > I think it would be better to just put `-nolisten tcp' in > > /usr/X11R6/lib/X11/xinit/xserverrc for new installations only. Then > > the system administrator could easily override it for all users; and > > at least a user can override it for herself. > > If he knew about it. It's the old documentation trick. > Look at my last message to Terry: we're talking > about a package we don't control here. If somebody comes to FreeBSD > from another system and X doesn't work the way he expects, he'll blame > FreeBSD, not X. Well then we are sunk. I object to breaking currently working installations. I think it's OK to use better defaults for new installations. This is a hard issue for me to argue, because I consider this particular change to be of questionable value. > > Disclosure: I'm unhappy that after upgrading my laptop yesterday, I > > found I couldn't run `x2x', > > Because of this issue? > Right. > > and had to restart my X session to remedy the problem. > > At least you knew what the problem was. Well, I've been running X for 10+ years. I guess I know what to look for. Cheers, -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message