(Sorry for the cross-posting; this is somewhat important)
Versions 1.20-11.2 and 1.20-12 of wdm contain a configuration error that
caused X session authentication data to be stored in a non-existant
directory. In situations like this, the X server falls back to a
security mode which allows
(Sorry for the cross-posting; this is somewhat important)
Versions 1.20-11.2 and 1.20-12 of wdm contain a configuration error that
caused X session authentication data to be stored in a non-existant
directory. In situations like this, the X server falls back to a
security mode which allows *all*
startx -- -nolisten tcp
Obviously this would do the trick, but see below as to why it is not
a good option.
only as part of the perennially-discussed task-harden. Doesn't even
effect remote xsessions, as you should be using ssh to tunnel your
sessions anyway.
There is no way of ssh
I would not trash wdm just yet. Let me take a look. If you're
concerned, you might want to firewall that port using ipchains or
iptables.
No problem - I am currently behind an ipchains firewall, but it's
about to change and I just wanted to know if something breaks if I
ipchain/table the
On Fri, 25 May 2001, Steve wrote:
Ed == Ed Street [EMAIL PROTECTED] writes:
Hello, If memory serves me correctly there's a line in /etc/X11 that
you can add/modify to tell it to NOT lissen.
startx -- -nolisten tcp
will have the effect. However, there doesn't seem to be a global
setting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday 25 May 2001 10:00 am, John Galt wrote:
On Fri, 25 May 2001, Steve wrote:
Ed == Ed Street [EMAIL PROTECTED] writes:
Hello, If memory serves me correctly there's a line in /etc/X11 that
you can add/modify to tell it to NOT lissen.
On Thu, 24 May 2001, Noah L. Meyerhans wrote:
Interestingly enough, a quick find/grep traversal of the wdm source
indicates that the only code for setting up network listeners comes
directly from the xdm sources without modification at all. That implies
to me that the listener on port 32768
I would not trash wdm just yet. Let me take a look. If you're
concerned, you might want to firewall that port using ipchains or
iptables.
No problem - I am currently behind an ipchains firewall, but it's
about to change and I just wanted to know if something breaks if I
ipchain/table the
Ed == Ed Street [EMAIL PROTECTED] writes:
Hello, If memory serves me correctly there's a line in /etc/X11 that
you can add/modify to tell it to NOT lissen.
startx -- -nolisten tcp
will have the effect. However, there doesn't seem to be a global
setting that will enforce it system-wide,
On Fri, 25 May 2001, Steve wrote:
Ed == Ed Street [EMAIL PROTECTED] writes:
Hello, If memory serves me correctly there's a line in /etc/X11 that
you can add/modify to tell it to NOT lissen.
startx -- -nolisten tcp
will have the effect. However, there doesn't seem to be a global
setting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday 25 May 2001 10:00 am, John Galt wrote:
On Fri, 25 May 2001, Steve wrote:
Ed == Ed Street [EMAIL PROTECTED] writes:
Hello, If memory serves me correctly there's a line in /etc/X11 that
you can add/modify to tell it to NOT lissen.
On Thu, 24 May 2001, Noah L. Meyerhans wrote:
Interestingly enough, a quick find/grep traversal of the wdm source
indicates that the only code for setting up network listeners comes
directly from the xdm sources without modification at all. That implies
to me that the listener on port 32768
I am a little concerned about XFree86+wdm keeping a bunch of
processes listening on port 32768. (wdm is the windowmaker xdm
replacement.) According to lsof -i TCP, there are a number of
processes listening on the port. When using X, I accept the obvious
port 6000 being open for inbound
On Thu, May 24, 2001 at 01:53:46PM +0300, Juha Jäykkä wrote:
I am a little concerned about XFree86+wdm keeping a bunch of
processes listening on port 32768. (wdm is the windowmaker xdm
Hi. I am the wdm maintainer for Debian. I haven't been maintaining
this package for too long, and I'm not
Hello,
If memory serves me correctly there's a line in /etc/X11 that you can
add/modify to tell it to NOT lissen.
Ed
-Original Message-
From: Noah L. Meyerhans [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 24, 2001 10:47 AM
To: Debian Security List
Subject: Re: wdm security
On Thu
15 matches
Mail list logo