Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 32350

Summary: The system should have an option to not hold your hand and protect you from yourself.
Product: Gentoo Linux Reporter: Shahar Goldin <aldarsior>
Component: [OLD] UnspecifiedAssignee: Gentoo X packagers <x11>
Status: RESOLVED WONTFIX    
Severity: minor CC: mr_bones_, vapier
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Shahar Goldin 2003-10-30 17:18:08 UTC 
Recently I found out that the Gentoo ebuild of X disables X listening on port 6000. 
This is nonstandard, evil, wrong, and everything else nasty. BUT I can see why it would be nice for Joe User who doesn't know what networked X is.
The system should NOT hold power users hands, and should not protect them from themselves. When I install Gentoo for Aunt Tillie down the street, who has a dial up connection and doesn't know what network abstraction is, let alone why should want it, I would want the X TCP port closed. On any of my machines, which are firewalled off from the internet and/or have their own firewalls allowing necessary traffic (in corporate situations where perimiter security is simply not enough), I WANT X ACTING LIKE X. I'm sure this will come up with other packages, where protecting the User from themselves seems like a good idea but will piss off a small (but vocal) minority of power users and system administrators. Hence my preposed solution would be a USE flag along the lines of "holdmyhand" which is enabled by default.

Comments welcome.
Comment 1 SpanKY gentoo-dev 2003-10-30 17:58:52 UTC 
i'd disagree with this ... imho a majority of users will never use the tcp
listening aspect of X ... it also has had a history of exploits ...

if you want listening for X, then edit the config files in /etc/X11, end
of story
Comment 2 Seemant Kulleen (RETIRED) gentoo-dev 2003-10-30 18:50:14 UTC 
I don't see the point of this bug -- power users know enough to edit the
config file.
Comment 3 Shahar Goldin 2003-10-30 18:57:45 UTC 
This is non-standard behavior modifying the functionality of a major application.
I don't see how thats NOT a bug.
Comment 4 Seemant Kulleen (RETIRED) gentoo-dev 2003-10-30 20:40:14 UTC 
would you prefer we have xfree display behaviour that is decidedly and inherently
insecure?
Comment 5 SpanKY gentoo-dev 2003-10-30 21:16:05 UTC 
default doesnt mean best ;)
Comment 6 Brandon Hale (RETIRED) gentoo-dev 2003-10-30 22:08:17 UTC 
Surely a "power user" like yourself would prefer the added security of ssh
-X.
And it isnt hard to realize that it is far easier to tailor the defaults
to the average
user and leave the more experienced to tweak to suit their own tastes.