How to disable XFree86 and wdm listening ports
Jason Stone
freebsd-security at dfmm.org
Tue Oct 28 08:59:29 PST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> > If you think that you might someday invoke X with a different display
> > manager, you might consider replacing /usr/X11R6/bin/X with a shell script
> > that calls "X.real -nolisten tcp" - this would make all methods of
> > starting X not use the tcp port. On the other hand, you'll have to
> > remember to maintain it when you upgrade.
>
> A very nice recommendation.
>
> X is linked to Xwrapper-4
> lrwxr-xr-x 1 root wheel - 10 Oct 22 18:18 X@ -> Xwrapper-4
>
> Please publish your shell script.
Um, I'm not using such a thing, but I imagine it would be something like
the following. Call it something like /usr/X11R6/bin/X-no-tcp and symlink
/usr/X11R6/bin/X to it.
#!/bin/sh
if [ -x /usr/X11R6/bin/Xwrapper-4 ]
then
exec /usr/X11R6/bin/Xwrapper-4 -nolisten tcp $@
elif [ -x /usr/X11R6/bin/XFree86 ]
then
exec /usr/X11R6/bin/XFree86 -nolisten tcp $@
else
echo "Couldn't find Xwrapper-4 or XFree86 - sorry" >&2
exit 1
fi
-Jason
--------------------------------------------------------------------------
Freud himself was a bit of a cold fish, and one cannot avoid the suspicion
that he was insufficiently fondled when he was an infant.
-- Ashley Montagu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)
Comment: See https://private.idealab.com/public/jason/jason.gpg
iD8DBQE/nqBwswXMWWtptckRAoiyAJ4sGbSV/+U4/Yv3qVnFsJuYeS7whwCgyrrF
Vu/aLcEzeZTjfMhMJBTIZN0=
=k7nC
-----END PGP SIGNATURE-----
More information about the freebsd-security
mailing list