#1854: Xserver insecurely listens for TCP
-----------------------------+----------------------------------------------
Reporter: RuiSeabra | Owner: openmoko-kernel
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: System Software | Version:
Severity: normal | Keywords: Xserver security haspatch
Blockedby: | Reproducible: always
Blocking: |
-----------------------------+----------------------------------------------
Xserver listens for TCP on port 6000 by default. If you really want to
have that, you can change from a secure default into a less secure
default.
However, the default should not be to listen to anything at all since that
is an attack vector which can be used to crack an OpenMoko.
The solution is simple, just add {{{-nolisten tcp}}} to the Xserver's
flags
--
Ticket URL: <https://docs.openmoko.org/trac/ticket/1854>
docs.openmoko.org <http://docs.openmoko.org/trac/>
openmoko trac
