Summary: | x11-apps/xinit should ship xserverrc that disables tcp for X server by default. | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Samuli Suominen (RETIRED) <ssuominen> |
Component: | Default Configs | Assignee: | Gentoo X packagers <x11> |
Status: | RESOLVED DUPLICATE | ||
Severity: | normal | CC: | amne, security, xfce |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Samuli Suominen (RETIRED)
2007-12-09 17:44:38 UTC
Just to be clear, both startx and startxfce4 can use this standard xserverrc. Debian ships one, we should also. I'm not sure why security is CC'd on here, as being open on port 6000 does not in itself cause any vulnerabilities. Remote users still require authentication (e.g., via xauth) to access X. Right now, I know gdm, kdm and startx all don't listen on 6000 by default, and I think xdm, which nobody uses, still does. There is bug #193044 for that, which this appears to be a duplicate of. No point in having to bugs then. *** This bug has been marked as a duplicate of bug 193044 *** |