[mcclim-devel] mcclim destorys clx on ACL 6.2
Max-Gerd Retzlaff
m.retzlaff at gmx.net
Fri May 5 08:24:06 UTC 2006
Hello
On Thu, May 04, 2006 at 07:38:49PM -0700, Mike McDonald wrote:
> >Of course, it would be nice to not require the X server to run without
> >"--nolisten tcp" but this patch breaks the whole CLX (not only for
> >mcclim) on my system.
>
> No, it'd be really nice if psuedo security weenies wouldn't break
> the standard X configuration!! (Can you tell I have an opinion on this
> subject?)
Yes, of course. On every machine I use I have configured (or let
configure) X to listen on TCP connection, as I do not only need it for
mcclim but in general. It really gets on my nerves that I have to give
reasons for the change to each administrator again. Unfortunately, and
stupidily, the default for most distributions seems to be "--nolisten
tcp" these days. That's the reason why I've said not to require it
would be nice; that doesn't mean that I like the decision to use this
as the default setting (in the name of an alleged higher security).
(If they are so desperate to want to disable "remote X access"[1] they
should bind X to localhost / the loopback device but not disable
listening for TCP connections in general.)
Bye,
Max
1) See for example:
http://www.debianhelp.co.uk/security.htm
http://www.us.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html#s5.4
--
Max-Gerd Retzlaff <m.retzlaff at gmx.net> http://blog.matroid.org
For your amusement:
Real Programmers don't write in PL/I. PL/I is for programmers who can't
decide whether to write in COBOL or FORTRAN.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://mailman.common-lisp.net/pipermail/mcclim-devel/attachments/20060505/f0b9b2c1/attachment.sig>
More information about the mcclim-devel
mailing list