Security: Absolute Client vetting or trust a remote root?

Alan Coopersmith alan.coopersmith at oracle.com
Thu Jun 7 21:07:15 PDT 2012


On 06/ 7/12 06:43 PM, Mike Mestnik wrote:
> On 06/07/12 12:30, Alan Coopersmith wrote:
>> On 06/ 7/12 05:12 AM, Mike Mestnik wrote:
>>> The fix is to disable this code whenever a TCP client is connected.
>>
>> People who care about security already fixed that by running with
>> -nolisten tcp.
>>
> That disables a major feature of the Network Transparent Windows System,
> we call X.

No, it just redirects it into more secure channels, such as tunneling over
ssh, instead of having to re-implement the encryption & authentication in the
X layer that ssh already provides.

-- 
	-Alan Coopersmith-              alan.coopersmith at oracle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc


More information about the xorg-devel mailing list