On Fri, 25 May 2001, Steve wrote: >"Ed" == Ed Street <[EMAIL PROTECTED]> writes: >> Hello, If memory serves me correctly there's a line in /etc/X11 that >> you can add/modify to tell it to NOT lissen. > > startx -- -nolisten tcp > >will have the effect. However, there doesn't seem to be a global >setting that will enforce it system-wide, short of aliasing startx to >that command. > >When some X11 vulnerabilities were found in this area last year, the >reporter suggested that desktop installs of X11 systems should enable >this option as default. This would be nice to see added to debian, if >only as part of the perennially-discussed task-harden. Doesn't even >effect remote xsessions, as you should be using ssh to tunnel your >sessions anyway.
You don't read the debconf warnings much, do you? xserver-* has been warning potential installers that it doesn't listen on TCP for about a year now if memory serves... >Steve > > >-- >To UNSUBSCRIBE, email to [EMAIL PROTECTED] >with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- You have paid nothing for the preceding, therefore it's worth every penny you've paid for it: if you did pay for it, might I remind you of the immortal words of Phineas Taylor Barnum regarding fools and money? Who is John Galt? [EMAIL PROTECTED], that's who!