Security: Absolute Client vetting or trust a remote root?

Alan Coopersmith alan.coopersmith at
Thu Jun 7 21:07:15 PDT 2012

On 06/ 7/12 06:43 PM, Mike Mestnik wrote:
> On 06/07/12 12:30, Alan Coopersmith wrote:
>> On 06/ 7/12 05:12 AM, Mike Mestnik wrote:
>>> The fix is to disable this code whenever a TCP client is connected.
>> People who care about security already fixed that by running with
>> -nolisten tcp.
> That disables a major feature of the Network Transparent Windows System,
> we call X.

No, it just redirects it into more secure channels, such as tunneling over
ssh, instead of having to re-implement the encryption & authentication in the
X layer that ssh already provides.

	-Alan Coopersmith-              alan.coopersmith at
	 Oracle Solaris Engineering -

More information about the xorg-devel mailing list