[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-hackers
Subject:    Re: Security through obscurity? (was: ssh + compiled-in SKEY support considered harmful?)
From:       "Jacques A. Vidrine" <nectar () FreeBSD ! ORG>
Date:       2002-04-25 15:13:39
[Download RAW message or body]

On Thu, Apr 25, 2002 at 12:02:59PM +0930, Greg 'groggy' Lehey wrote:
> > I think it would be better to just put `-nolisten tcp' in
> > /usr/X11R6/lib/X11/xinit/xserverrc for new installations only.  Then
> > the system administrator could easily override it for all users; and
> > at least a user can override it for herself.
> 
> If he knew about it.  

It's the old documentation trick.

> Look at my last message to Terry: we're talking
> about a package we don't control here.  If somebody comes to FreeBSD
> from another system and X doesn't work the way he expects, he'll blame
> FreeBSD, not X.

Well then we are sunk.

I object to breaking currently working installations.  I think it's OK
to use better defaults for new installations.

This is a hard issue for me to argue, because I consider this
particular change to be of questionable value.

> > Disclosure: I'm unhappy that after upgrading my laptop yesterday, I
> > found I couldn't run `x2x',
> 
> Because of this issue?
> 

Right.

> > and had to restart my X session to remedy the problem.
> 
> At least you knew what the problem was.

Well, I've been running X for 10+ years.  I guess I know what to look
for.

Cheers,
-- 
Jacques A. Vidrine <n@nectar.cc>                     http://www.nectar.cc/
NTT/Verio SME           .      FreeBSD UNIX      .        Heimdal Kerberos
jvidrine@verio.net      .   nectar@FreeBSD.org   .           nectar@kth.se

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
[prev in list] [next in list] [prev in thread] [next in thread]