Comment 1 Rémi Cardona (RETIRED) 2009-04-08 09:51:31 UTC

Unless you actually allow incoming tcp connections using "xhost", this is not a problem. IMHO, this is not a problem.

Running X as root is imho a much bigger problem...

Thanks

Thanks for your reply.

However, i disagree with you on the security relevance of this setting. Every security researcher I know (and there are some) would probably say that not running a service at all is always more secure than running a service that doesn’t allow people to use it, because code that’s running can always be flawed.

When the X server stays configured like this per default, I see three main problems:

1. If there is a bug in Xorg even before the IP check that is configured with xhost, some kind of buffer overflow, DoS or whatever, the system is remotely exploitable. There is for example lots of software that can be run via inetd or via a standalone daemon, and most authors of that software recommend to use inetd for access limiting — for a reason.

2. The system is more easily fingerprintable by port scans, for example. It might be helpful for an attacker to know that your host is running X.

3. You’re wasting resources. Yes, a listening socket or two isn’t _that_ much, but this is Gentoo, after all. ;)

I’d like to kindly ask you to confirm your decision with Gentoo’s security experts before closing this bug. No offense, but I have a security background and if this was _my_ distibution I would never use a default setting like this. Of course I will configure my machine for “-nolisten tcp”, but others might not know the implications and assume the default is safe. And even though I’m not saying it is _not_, I’m saying that it could be _safer_.

I hope you don’t take this as personal offense or “nagging around”, I’m just concerned about (what some might see as unimportant details of) my favorite distro.

Comment 3 Rémi Cardona (RETIRED) 2009-06-23 20:12:55 UTC

*** This bug has been marked as a duplicate of bug 193044 ***