[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netbsd-tech-security
Subject:    Re: X server security question
From:       Matthieu Herrb <matthieu () laas ! fr>
Date:       2001-04-23 20:05:46
[Download RAW message or body]

You wrote (in your message from Monday 23)
 > Is there any way of having a X server on a machine without having an
 > open port on 6000/tcp? I'd like to bind the server only to localhost,
 > not to all available interfaces, but I don't see any options for the X
 > server that could help doing this. Did I missed something? 

You missed the Xserver(1) manual page. 
X -nolisten tcp will do what you want. 
 > 
 > And is it possible to use UNIX domain sockets for communicating between
 > X clients and the X server? Again, I saw nothing in the documentation
 > about this.

A DISPLAY setting of :0 or :0.0 (or :1) will use a Unix domain socket
(in /tmp/.X11-unix). Moreover, on BSD systems Xlib uses a Unix domain
socket automatically if it detect that the IP address of the client
and the server are the same.



-- 
					Matthieu

[prev in list] [next in list] [prev in thread] [next in thread]