Subject: Re: Weekly BSD Security Digest 2000/07/10 to 2000/07/16
To: Perry E. Metzger <>
From: RJ Atkinson <>
List: tech-security
Date: 07/24/2000 10:59:00
References: <Hubert Feyrer's message of "Fri, 21 Jul 2000 03:16:47 +0200 (MET DST)">

At 10:48 24/07/00 , Perry E. Metzger wrote:

>BTW, some years ago my company contributed a patch to the X folks that
>allows you to run X without having it listen to the network at all --
>see the --nolisten tcp option. I've run all my X servers this way ever
>I highly recommend that people run their X systems this way. It
>eliminates a whole host of worries about security. Sure, someone could
>still break root on your machine locally, but for things like single
>user workstations, it eliminates the entire worry about X being
>insecure over the wire.
>I almost think we should make this the shipped default for NetBSD but
>it would break a few people.

         Nonetheless, I think it would make a quite reasonable
default for all *BSDs, perhaps even for XFree86 in general.
The number of folks who want remote access is smaller than those
who don't need it, I'd guess.  In any event, I believe in systems
that ship secure by default.

         If undertaken, it is important that this choice/change
is clearly documented and that any clues needed to run an
X server without that option are also well documented.
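
A check for the configuration discussed in this thread, as an added example that is not part of the original message: it flags X servers started without the server's `-nolisten tcp` flag and maps listening TCP ports back to displays (display :N uses port 6000+N). The function names, the sample input (constructed, not captured from a real host) and the 6000-6063 port range are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit whether X servers are reachable over TCP.

# Constructed sample input in "pid args" and netstat-like form.
SAMPLE_PS='  412 /usr/X11R6/bin/X :0 -nolisten tcp -auth /var/run/xauth/A:0
  977 /usr/X11R6/bin/XFree86 :1 -auth /var/run/xauth/A:1
 1033 /usr/sbin/sshd'
SAMPLE_NETSTAT='tcp 0 0 *.22 *.* LISTEN
tcp 0 0 *.6001 *.* LISTEN
tcp 0 0 127.0.0.1.25 *.* LISTEN'

# Reads "pid args" lines (e.g. from: ps -axo pid,args) on stdin and
# prints "pid display" for each X server lacking "-nolisten tcp".
x_without_nolisten() {
  awk '{
    n = split($2, p, "/"); name = p[n]
    if (name != "X" && name != "Xorg" && name != "XFree86") next
    disp = ":0"; safe = 0          # an X server defaults to display :0
    for (i = 3; i <= NF; i++) {
      if ($i ~ /^:[0-9]+$/) disp = $i
      if ($i == "-nolisten" && $(i + 1) == "tcp") safe = 1
    }
    if (!safe) print $1, disp
  }'
}

# Reads netstat -an style lines on stdin and prints "display address"
# for each listening socket in the X11 range. Handles both BSD
# ("*.6001") and Linux ("0.0.0.0:6001") local-address notation.
x_tcp_listeners() {
  awk '/LISTEN/ {
    addr = ""
    for (i = 1; i <= NF; i++)
      if ($i ~ /[.:][0-9]+$/) { addr = $i; break }
    if (addr == "") next
    port = addr; sub(/^.*[.:]/, "", port); port = port + 0
    if (port >= 6000 && port <= 6063)
      printf ":%d %s\n", port - 6000, addr
  }'
}

echo "X servers started without -nolisten tcp:"
printf '%s\n' "$SAMPLE_PS" | x_without_nolisten
echo "X11 TCP listeners:"
printf '%s\n' "$SAMPLE_NETSTAT" | x_tcp_listeners
```

A display that appears in both lists is accepting X connections over the network; an empty second list confirms the servers are reachable only through local sockets.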