Summary: | x11-apps/xdm: leaves port 6000 open by default | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Elias Gabriel Amaral da Silva <tolkiendili> |
Component: | Default Configs | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | major | CC: | wtt6, x11, yac |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Elias Gabriel Amaral da Silva
2010-08-23 04:11:49 UTC
(In reply to comment #0) > xdm is not honoring /etc/X11/xinit/xserverrc. There appears to be quite a bit of relevant history in Bug 193044. @x11, help? Oh, interesting. Andrew Hurst says there: "The answer is no! /usr/bin/startx reads /etc/X11/xinit/xserverrc which is where -nolisten tcp should go. However, this is for configuring all xserver's default. According to xorg people in the irc channel, xserver default args should be configured per session manager in e.g. /etc/GDM/gdm.conf for gdm, and /etc/X11/xdm/Xservers for xdm." my /etc/X11/xdm/Xservers is: -- # $Xorg: Xserv.ws.cpp,v 1.3 2000/08/17 19:54:17 cpqbld Exp $ # # Xservers file, workstation prototype # # This file should contain an entry to start the server on the # local display; if you have more than one display (not screen), # you can add entries to the list (one per line). If you also # have some X terminals connected which do not support XDMCP, # you can add them here as well. Each X terminal line should # look like: # XTerminalName:0 foreign # :0 local /usr/bin/X :0 vt7 -- is this supposed to be adequate to issue -nolisten tcp? (I suppose not. Then, I request a new default for this config file) Changing the last line of /etc/X11/xdm/Xservers to :0 local /usr/bin/X :0 vt7 -nolisten tcp seems to fix this. *** Bug 382903 has been marked as a duplicate of this bug. *** port 6000 is no longer open in current stable versions |