tech-x11 archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

re: xdm passwordless logins



> But I think ~nobody does remote xdm or uses X terminals any more, and if
> xdm had a config PermitEmtpyPasswords that defaulted to yes if connected
> to 127.0.0.1/::1/unix-socket, and no if otherwise, that would be fine.

i like this idea, but please leave 127.0.0.1 out of the
"safe" zone, please.

X doesn't listen there by default so there's no point in
having our "secure zone" include, and it opens potential
attack vectors.


Home | Main Index | Thread Index | Old Index