Hans de Goede <[email protected]> writes:

> This patch fixes this, I realize that this is a behavior change, and as such
> may be a bit controversial, but I really believe that in this day and age
> "-nolisten tcp" by default is the right thing to do.

I've posted patches to Xtrans and the X server that disable tcp and unix listener ports by default while providing a '-listen' command line option to re-enable them.

Missing from these patches are a version bump to Xtrans and the associated version check in the X server. If the general form of these patches is acceptable, I'd bump the Xtrans version, do a release, and then make the X server depend on that.

The 'unix' listener port uses a non-abstract socket, /tmp/.X11-unix/X0, which is subject to various security threats, and which xcb and Xlib don't use anymore.

We could make the set of default no-listen ports configurable at compile time if desired.

--
[email protected]
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
