https://bugs.kde.org/show_bug.cgi?id=395419
Bug ID: 395419
Summary: Xwayland listens on port 6000+n on all network
interfaces
Product: kwin
Version: 5.13.0
Platform: Archlinux Packages
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: platform-x11-nested
Assignee: kwin-bugs-n...@kde.org
Reporter: itgvk...@grr.la
Target Milestone: ---
In plasma wayland session Xwayland is started with default settings which means
it listens on tcp/tcp6 on all network interfaces on port 6000+n (n=display
number).
Listening on network without user consent is harmful for security. Especially
as it's not possible to disable this in config.
In X11 session all display managers start xserver with '-nolisten tcp' option
which disables above behavior.
Considering above I think current Xwayland config is decreasing security in
comparison to standalone X11 session and should be adjusted.
BTW: This behavior can create specific issues for some users:
https://bugs.kde.org/show_bug.cgi?id=394431
Steps to reproduce:
1. Login to plasma-wayland session
2. sudo ss -tunwrap | column -t
--
You are receiving this mail because:
You are watching all bug changes.
