You are not logged in.
Just a thought ...
Is there any reason '-nolisten tcp' is not the default?
In Debian, Ubuntu, Fedora, Red Hat, Suse, OpenBSD and probably many others, X port listening is disabled as a security measure. This means that, as shipped, kdm (or xdm/gdm) is not reachable via the network and is unable to manage X servers running on remote hosts. This is not a big problem, since most people do not need to enable port listening in kdm. SSH forwards for X11 or export DISPLAY should cover most users needs.
May I suggest to do the same in Arch and add '-nolisten tcp' as default in startx and /opt/kde/share/config/kdm/kdmrc ?
Last edited by vfork_0x00f (2007-12-23 02:34:40)
Offline
Sad but true, but it seems that security is not among Arch goals at all.
I agree with you, but I guess that official answers for security related posts are, at best, "Hmm... why do that?..."
Offline
File a feature request: http://bugs.archlinux.org/
It's not that we don't care about security -- we do, but we don't want to go overboard on security so much that we compromise 'the Arch Way' or that it detracts from other projects.
Last edited by iphitus (2007-12-27 12:52:22)
Offline
reported as feathure request " FS#9053"
Everybody is now invited to vote for this task in the bug tracker
Last edited by vfork_0x00f (2008-01-04 12:18:21)
Offline