You are not logged in.
As topic.
However to be more specific, since the new Xfce4 xfce4-session automatically listens on a (random?) port. This being a tcp-binding to the ICE layer.
See xfce4-session man page:
--disable-tcp
Disable binding to TCP ports in the ICE layer. This is not possible on every platform. If you
use this option on a platform that does not support it, xfce4-session will print a warning message and ignore the setting.
Thus, by default its enabled.
netstat -apn
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:45505 0.0.0.0:* LISTEN 5318/xfce4-session
[...]
tcp 0 0 :::42892 :::* LISTEN 5318/xfce4-session
[...]
Since I'm paranoid this seems to me like a security risk. It is possibly fixable by appending --disable-tcp to the xfce4-session entry in /etc/xdg/xfce4/xinitrc. Or is there a better place?
Is this worth putting in the bug-tracker, is it intended, should Arch by default disable xfce4-session listening to a tcp-port? Or is there a similar entry somewhere already?
In my opinion, it should be disabled by default, since if it is not specifically required, its just another hole in the system.
m.
Offline