[Techtalk] Shutting off X ports.
Anthony de Boer
linuxchix at lists.leftmind.net
Fri Aug 29 16:59:07 EST 2003
Telsa Gwynne wrote:
> ...
> The guy was trying to be super-secure and didn't understand that
> X used the network.
>
> He had firewalled himself from localhost.
I have "X -nolisten tcp :0" in my .xserverrc. This tells the X server
not to listen on tcp port 6000 at all, and X cheerfully uses a
Unix-domain socket for all its local needs.
(On another machine it's "/usr/X11R6/bin/Xwrapper :0 -auth
/home/adb/.Xauthority -nolisten tcp"; I think there's some history there
I didn't want to remember.)
Not listening on a port in the first place beats having to firewall it.
When I do want to run an X client on another machine, I use ssh with
X forwarding enabled.
--
Anthony de Boer
More information about the Techtalk
mailing list