[18547] in Athena Bugs
Re: linux 8.4.17: dm not using xauth
daemon@ATHENA.MIT.EDU (Karl Ramm)
Mon Nov 27 11:15:26 2000
To: Greg Hudson <ghudson@MIT.EDU>
Cc: bugs@MIT.EDU
From: Karl Ramm <kcr@1ts.org>
Date: 27 Nov 2000 11:15:21 -0500
In-Reply-To: Greg Hudson's message of "Mon, 27 Nov 2000 09:56:33 -0500"
Message-Id: <uuswvdpo0h2.fsf@ORTHANC.MIT.EDU>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Greg Hudson <ghudson@MIT.EDU> writes:
> * We can leave xauth off, in which case IP address checking is
> done on the Internet socket (which is possibly vulnerable to
> source-routing attacks; I've never verified this) but of
> course no local access control is done.
XFree86 4.0 seems to have an option to disable the tcp socket, so there's
at least hope in sight for linux.
Perusing the Xserver man page on an 8.4 sun suggests that the -pn option
-pn permits the server to continue running if it fails
to establish all of its well-known sockets (connec-
tion points for clients), but establishes at least
one.
might be used to accomplish the same thing if we bind something to port
6000 (inetd? :-) before starting the X server.
I don't have a convenient SGI to log into and check the man pages there.
Food for thought.
kcr
