[NCLUG] Two easy? security questions...
Aaron Johnson
adj at ccltd.com
Thu Sep 7 13:16:44 MDT 2000
> > X can be told not to listen for TCP connections. Add a '-nolisten
> > tcp' to the X server's command line. If you want connections from
> > remote hosts, this does screw up the usual 'xproggie -display
> > myremotexserver:0' approach, but ssh serves nicely instead.
>
> Where should one add the "-nolisten tcp" flag if X is being started
> "automagically" (eg, runlevel 5 on a RH-like system)?
Not entirely sure on your setup. RedHat actually starts a (sadly
undocumented (at least on the 6.1 box I use most often)) program
called "prefdm" which tries to figure out which of gdm, kdm, and xdm
to run. I'm running gdm, and have this in the [servers] section of my
gdm.conf:
0=/usr/bin/X11/X :0 -nolisten tcp -bpp 32 -dpi 100 dpms vt9
Not sure about doing that with xdm or kdm, but it should be documented
in a man page or doc file somewhere.
HTH.
Aaron
--
MTS, tummy.com, ltd.
Linux and UNIX Consulting and Software
More information about the NCLUG
mailing list