On Sat, Oct 13, 2001 at 04:58:53PM -0700, Karsten M. Self wrote: > I've been engaged in an extended offline discussion with an individual > on the topic of running remote X applications under Debian. Getting > beyond security concerns involved, the -nolisten flag of XFree86 is one > of the blocks he's stumbled over. Discovering the 'man' command appears > to be another.... > > My question: is setting the -nolisten flag in /etc/X11/xinit/xserverrc > a Debian-specific default, or has this been more widely adopted in other > GNU/Linux distributions and/or XFree86v4? >
I can't speak for Debian, but when I added KDE to my system, I got a friendly debconf message that KDE had disabled listening on TCP, because it is a security hole for most desktop users. I agree with KDE, listening on TCP for X connections is a dangerous thing for most users and should be disabled by default. I'd rather surprise the few who try to do networked X, than the many who plug their desktop into an open Internet connection. -- This message is hastily written, please ignore any unpleasant wordings, do not consider it a binding commitment, even if its phrasing may indicate so. Its contents may be deliberately or accidentally untrue. Trademarks and other things belong to their owners, if any.
