On Wed, 19 Nov 2003, Keith Packard wrote:
> Around 18 o'clock on Nov 19, Dave Dodge wrote:
> > [I realize xauth, or changing permissions on the unix socket, could
> > probably solve this as well. But the localhost method is really,
> > really easy :-]
>
> When you say 'xhost +localhost' you're also
Dave Dodge wrote:
Why? What benefit does a TCP loopback connection provide over the Unix
domain socket (which is generally faster on most OS'es)?
Just a data point: I have lots of special-purpose accounts on my
desktop system, for example when building package XYZ I might create a
specific "xyz"
Around 18 o'clock on Nov 19, Dave Dodge wrote:
> [I realize xauth, or changing permissions on the unix socket, could
> probably solve this as well. But the localhost method is really,
> really easy :-]
When you say 'xhost +localhost' you're also granting permission for
applications to connect t
On Wed, 19 Nov 2003, Alan Coopersmith wrote:
> [EMAIL PROTECTED] wrote:
> > the only chance to get rid of it, is to use unix domain socket
> > (via -nolisten tcp) OR to add the option, to specify the interface
> > bindings and be able to bind it to local loopback ONLY. I`d prefer
> > the second one
hi !
> > the only chance to get rid of it, is to use unix domain socket (via -nolisten tcp)
> > OR to
> > add the option, to specify the interface bindings and be able to bind it to local
> > loopback
> > ONLY. I`d prefer the second one.
>
> Why? What benefit does a TCP loopback connection pr
[EMAIL PROTECTED] wrote:
the only chance to get rid of it, is to use unix domain socket (via -nolisten tcp) OR
to
add the option, to specify the interface bindings and be able to bind it to local
loopback
ONLY. I`d prefer the second one.
Why? What benefit does a TCP loopback connection provide
Hi!
i`d like if discussion "unix domain socket vs. 127.0.0.1/TCP for local X connections"
would be a complete separate discussion thread. could we separate this?
ok, it seems my thread has alreade become somewhat a separate one (the "was" in the
subject line) ;)
MY intention with this threa
On Wed, Nov 19, 2003 at 01:35:20AM -0800, Keith Packard wrote:
>
> Around 10 o'clock on Nov 19, "[EMAIL PROTECTED]" wrote:
>
> > the only chance to get rid of it, is to use unix domain socket (via
> > -nolisten tcp)
>
> That option should be the default; ssh refuses to listen on a unix
> domain
Around 10 o'clock on Nov 19, "[EMAIL PROTECTED]" wrote:
> the only chance to get rid of it, is to use unix domain socket (via
> -nolisten tcp)
That option should be the default; ssh refuses to listen on a unix
domain socket, but appears quite happy to connect to a unix domain
socket.
I don't
IL PROTECTED]>
To: "Keith Packard" <[EMAIL PROTECTED]>
Cc: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
"dri-devel"
<[EMAIL PROTECTED]>
Sent: Wednesday, November 19, 2003 9:15 AM
Subject: security, cvs
Around 8 o'clock on Nov 19, Keith Whitwell wrote:
> Is it foolhardy to continue running anoncvs, especially without the checks &
> balances which caught the backdoor attempt in linux?
The pserver running on fd.o has been specially hacked to run as 'nobody'
from the very start, unlike most pser
ssh uses IP4:127.0.0.1, and as many times as ppl have asked for unix socket support it
has allways
been denied. -nolisten tcp is something for the distros to set up, it should be
*usable by
default.
* Meaning all non-devel features on and nothing extra for the user to do.
--- Keith Whitwell <[
Keith Packard wrote:
Around 2 o'clock on Nov 19, "[EMAIL PROTECTED]" wrote:
Keith, could you put this (being able to specify the interface bindings of
the xserver on the commandline) as a feature request on http://
www.freedesktop.org/Software/XserverWishlist if you find this feature
request usef
13 matches
Mail list logo