[PATCH xinit] startx: Pass "-nolisten tcp" by default
Mateusz Jończyk
mat.jonczyk at o2.pl
Fri Sep 12 07:40:04 PDT 2014
W dniu 12.09.2014 o 09:25, Hans de Goede pisze:
> Having servers started by startx listen on tcp by default is not a good idea
> in this time and age. Pass "-nolisten tcp" by default, and add a special
> -listen server option which can be used to disable this new default behavior.
>
> Signed-off-by: Hans de Goede <hdegoede at redhat.com>
> ---
> man/startx.man | 7 +++++++
> startx.cpp | 5 +++++
> 2 files changed, 12 insertions(+)
Hello,
This may generate a security threat in case some people will assume that xinit
uses "-nolisten tcp" by default and then do not pass this parameter on the
command line.
When that code will run will an older XServer version, it will expose the X
Server on a network.
This should be at least documented in the man page.
Greetings,
Mateusz Jończyk
More information about the xorg-devel
mailing list