-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Gordon Messmer wrote: ~ > ... People really shouldn't be suggesting that users turn X tcp support | on without noting that doing so is very insecure. X runs as the root | user, and opening a TCP port may make the computer very susceptible to | exploits. | | Unless your machine is on a secure and trusted network, use ssh's X11 | forwarding to run X11 applications remotely. |
Absolutely. I thought that the security aspect was covered in that thread, but I could very well be mistaken.
If you ARE running this machine on a corporate or home LAN that is firewalled/NAT'ed off from the 'Net, then you could probably get away with it.
Still, if you run Bastille against it, I imagine it would point it out as a security vulnerability (don't know if this is the case, since I haven't run Bastille on Fedora yet. Anyone?)
- -- - ---------- Doug Stewart Systems Administrator/Web Applications Developer Lockheed Martin Advanced Technology Labs
Quidquid latine dictum sit, altum viditur -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/zgGAN50Q8DVvcvkRAiQdAJkBWffiMT16GX2beJMrtiwrHVwiCQCeKMHV qIHMiCvQMV7I0JKGhT+hfa0= =UTkF -----END PGP SIGNATURE-----
