[15337] in Athena Bugs
Re: sgi 8.1.7: xlogin/dm
daemon@ATHENA.MIT.EDU (John Hawkinson)
Fri Aug 1 01:42:28 1997
Date: Fri, 1 Aug 1997 01:42:26 -0400 (EDT)
To: Mike Barker <mbarker@MIT.EDU>
Cc: bugs@MIT.EDU
In-Reply-To: "[15321] in Athena Bugs"
From: John Hawkinson <jhawk@MIT.EDU>
> if I am reading this correctly, (from man xhost)
You are not;
> doing what you suggest:
>
> TCP connections should be denied to all hosts (including the local
> one) by default.
>
> would make it impossible to use xhost.
No. xhost works fine in the preferred (and secure) configuration of only
permitting the server to accept connections over it's unix-domain
socket (i.e. DISPLAY set to ":0.0").
This is the way Athena workstations have been configured in the past.
It's certainly the way Athena Solaris machines are configured.
It's also quite clearly the Right Approach (tm).
--jhawk
