Security: Absolute Client vetting or trust a remote root?
Mike Mestnik
cheako+xorg-devel at mikemestnik.net
Fri Jun 8 15:32:40 PDT 2012
On 06/07/2012 11:07 PM, Alan Coopersmith wrote:
> On 06/ 7/12 06:43 PM, Mike Mestnik wrote:
>> On 06/07/12 12:30, Alan Coopersmith wrote:
>>> On 06/ 7/12 05:12 AM, Mike Mestnik wrote:
>>>> The fix is to disable this code whenever a TCP client is connected.
>>>
>>> People who care about security already fixed that by running with
>>> -nolisten tcp.
>>>
>> That disables a major feature of the Network Transparent Windows System,
>> we call X.
>
> No, it just redirects it into more secure channels, such as tunneling over
> ssh, instead of having to re-implement the encryption& authentication in the
> X layer that ssh already provides.
> Debian Free
It's not up to you to determine IF TCP, or any other protocol for that
matter, is insecure! It should not be the purpose of software
developers ds up on theto police there users, that's part of the reason
why FOSS is used over Microsoft and other proprietary technologies.
For example the Debian Free Software Guidelines bars licenses that
restrict software use based on endeavour.
SSH only supports TCP for client connections, not sure how that ends up
connecting on the server side.
More information about the xorg-devel
mailing list