Hello On Thu, May 04, 2006 at 07:38:49PM -0700, Mike McDonald wrote:
Of course, it would be nice to not require the X server to run without "--nolisten tcp" but this patch breaks the whole CLX (not only for mcclim) on my system.
No, it'd be really nice if psuedo security weenies wouldn't break the standard X configuration!! (Can you tell I have an opinion on this subject?)
Yes, of course. On every machine I use I have configured (or let configure) X to listen on TCP connection, as I do not only need it for mcclim but in general. It really gets on my nerves that I have to give reasons for the change to each administrator again. Unfortunately, and stupidily, the default for most distributions seems to be "--nolisten tcp" these days. That's the reason why I've said not to require it would be nice; that doesn't mean that I like the decision to use this as the default setting (in the name of an alleged higher security). (If they are so desperate to want to disable "remote X access"[1] they should bind X to localhost / the loopback device but not disable listening for TCP connections in general.) Bye, Max 1) See for example: http://www.debianhelp.co.uk/security.htm http://www.us.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.e... -- Max-Gerd Retzlaff <m.retzlaff@gmx.net> http://blog.matroid.org For your amusement: Real Programmers don't write in PL/I. PL/I is for programmers who can't decide whether to write in COBOL or FORTRAN.