How to restrict X server to localhost ?
Alan Coopersmith
alan.coopersmith at sun.com
Wed Mar 18 09:39:01 PDT 2009
hd wrote:
> I'd like my X server is listening only on localhost
>
> Is there a command line option (or config file option) to limit the
> scope of the listening socket of X server ?
>
> there is '-nolisten' but this option seems disable the TCP stack
The normal solution is to use -nolisten tcp and use a local transport
such as Unix domain sockets for connections from the same host.
If you absolutely positively want TCP to localhost, then you'll need
to either configure your OS firewall to restrict port 6000 connections
to localhost or modify the X code to only bind to certain interfaces,
as there is no existing code to allow the configuration of specific
interfaces for X. (There probably should be, but since almost all
OS'es today include some sort of firewall/IP filtering technology,
it's not likely to be high priority on anyone's todo list.)
--
-Alan Coopersmith- alan.coopersmith at sun.com
Sun Microsystems, Inc. - X Window System Engineering
More information about the xorg
mailing list