Date: Tue, 16 Nov 2010 19:30:02 +0100 From: Roland Smith <rsmith@xs4all.nl> To: Logan Moore <logan@xentac.com> Cc: freebsd-x11@freebsd.org Subject: Re: Using XOrg on a FreeBSD Server Message-ID: <20101116183002.GA48067@slackbox.erewhon.net> In-Reply-To: <AANLkTikJPBv4%2BxQ80R_cfE6i7o0dRKnP7Wm4-Ojwij_j@mail.gmail.com> References: <AANLkTikJPBv4%2BxQ80R_cfE6i7o0dRKnP7Wm4-Ojwij_j@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--UugvWAfsgieZRqgk
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Nov 16, 2010 at 07:14:35PM +1300, Logan Moore wrote:
> I'm looking for some advice from some of the pro's here.
>=20
> I've set up FreeBSD on one of my servers, and I have a nice 24" 1920x1200
> monitor plugged into it.=20
Does it have a decent video card that is supported by Xorg and can actually
drive it?
> It seems a shame to be wasting such a decent
> monitor on a simple black and white terminal, so I've been contemplating
> installing XOrg on the server to get a bit of extra functionality from the
> terminals. I'm not thinking KDE or Gnome... just a simple window manager
> like one of the *box's or even just straight up xdm running terminals and
> maybe some basic GUI tools like a text editor/file manager.
Be aware that the modular Xorg consists of a lot of ports. A quick & dirty =
count
('pkg_info -rx xorg- | grep Dependency|sort|uniq|wc -l') gives 139 ports
required by xorg.
> Should I be concerned about any security implications from using XOrg?
Xorg requires write access to /dev/mem and /dev/io, which doesn't work if y=
ou
are running in secure mode (kern.securelevel > 1). I think it will work if =
you
raise the securelevel after starting X. But you cannot restart X.
Also, x-terminals like xterm or urxvt are usually installed setuid root.
By default, Xorg also listens for network connections. You can disable this=
by
adding the '-nolisten tcp' option to the X server arguments, e.g. use 'star=
tx
-- -nolisten tcp'.
> Are there any reasons why I definitely should avoid installing XOrg?
Depends on how paranoid you are, I guess. :-) One could take the position t=
hat
every added application is a possible security hole, and that a server shou=
ld
only have the applications and libraries required for its tasks installed.
Roland
--=20
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
--UugvWAfsgieZRqgk
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (FreeBSD)
iEYEARECAAYFAkzizaoACgkQEnfvsMMhpyWswACcCOjrSna1y1JRgCQRw2wI0DH+
9YAAnA+YZtBnqLvL7qMTAMP8bOFE2S0b
=fdNi
-----END PGP SIGNATURE-----
--UugvWAfsgieZRqgk--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101116183002.GA48067>