-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 10 November 2003 20:56, Kerry Cox wrote: > on box B or Fedora so it would accept incoming X connections. > Just curious why this would be so. [agreen@fastcat agreen]$ ps -Af | grep X root 4081 4080 1 Oct30 ? 03:30:04 /usr/X11R6/bin/X :0 -audit 0 - -auth /var/gdm/:0.Xauth -nolisten tcp vt7 That -nolisten tcp is there by default to stop evil people touching your X session (which is apparently very rapidly equivalent to "becoming root"). Hm [agreen@fastcat agreen]$ grep nolisten /etc/X11/* -R /etc/X11/gdm/factory-gdm.conf:# If true this will basically append -nolisten tcp to every X command line, /etc/X11/gdm/factory-gdm.conf:# not add a "-nolisten tcp", as then the query just wouldn't work, so /etc/X11/gdm/gdm.conf:# If true this will basically append -nolisten tcp to every X command line, /etc/X11/gdm/gdm.conf:# not add a "-nolisten tcp", as then the query just wouldn't work, so [agreen@fastcat agreen]$ vi /etc/X11/gdm/gdm.conf # If true this will basically append -nolisten tcp to every X command line, # a good default to have (why is this a "negative" setting? because if # it is false, you could still not allow it by setting command line of # any particular server). It's probably better to ship with this on # since most users will not need this and it's more of a security risk # then anything else. # Note: Anytime we find a -query or -indirect on the command line we do # not add a "-nolisten tcp", as then the query just wouldn't work, so # this setting only affects truly local sessions. #DisallowTCP=true so its off in there... don't know where its added then, you'll have to grep around. - -Andy -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/sAEgjKeDCxMJCTIRAngSAJ4w/HWvom4helWIp8LMsqWsRFG4jgCfaNbs q3mpO14UJVpBkMIxvUrYW+Q= =ms/V -----END PGP SIGNATURE-----
