On Thu, 2005-11-03 at 15:44 +1300, Greg Trounson on Melmac wrote: > Fedora makes use of GDM, and since FC2 an option called "DisallowTCP" > has been set by default, which tells the X server not to listen on TCP > port 6000. Why on earth anyone would want to block remote X11 this > way is quite beyond me, when any decent firewall can do it without > requiring a restart of gdm. Better to stop an exploitable server from listening than try and get something else to block connections to it. One of the first things people, stupidly, do when they can't get something to work is to turn off their firewall, instead of opening a hole through it. If they did that with a server running on their system vulnerable to attack, they've just exposed themselves. It's the same reason that sendmail, and other servers, don't listen for non-localhost connections by default. You can always configure things the way you want. -- Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
