[PATCH xinit] startx: Pass "-nolisten tcp" by default

Mateusz Jończyk mat.jonczyk at o2.pl
Fri Sep 12 07:40:04 PDT 2014


W dniu 12.09.2014 o 09:25, Hans de Goede pisze:
> Having servers started by startx listen on tcp by default is not a good idea
> in this time and age. Pass "-nolisten tcp" by default, and add a special
> -listen server option which can be used to disable this new default behavior.
> 
> Signed-off-by: Hans de Goede <hdegoede at redhat.com>
> ---
>  man/startx.man | 7 +++++++
>  startx.cpp     | 5 +++++
>  2 files changed, 12 insertions(+)

Hello,
This may generate a security threat in case some people will assume that xinit
uses "-nolisten tcp" by default and then do not pass this parameter on the
command line.
When that code will run will an older XServer version, it will expose the X
Server on a network.

This should be at least documented in the man page.

Greetings,
Mateusz Jończyk


More information about the xorg-devel mailing list