X - Security

This is a discussion on X - Security ; I wonder why it has not occurred to anyone in the X establishment to *dump* all the network aspects from X - and just focus on the video aspect. I think the network aspects are *cruft* and a huge security ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: X

  1. X

    I wonder why it has not occurred to anyone in the X establishment to
    *dump* all the network aspects from X - and just focus on the video aspect.

    I think the network aspects are *cruft* and a huge security risk in this
    day and age. Most if not all workstations out there today are fully
    powered computers and have no need for the network aspects. The network
    aspects are from a time and place that is no longer relevant.

    Just for starters, X.org could fork the X distribution into two branches,
    the current in one and just video in the new branch. If more than 6 guys
    download the old branch, they could continue it. Otherwise, it is better
    off *gone*.

    Other opinions?

  2. Re: X

    In comp.os.linux.security John :
    > I wonder why it has not occurred to anyone in the X establishment to
    > *dump* all the network aspects from X - and just focus on the video aspect.


    > I think the network aspects are *cruft* and a huge security risk in this
    > day and age. Most if not all workstations out there today are fully
    > powered computers and have no need for the network aspects. The network
    > aspects are from a time and place that is no longer relevant.


    Err?

    X network transparency is one of it's biggest advantages, if you
    look a bit deeper into it, you'll mention that it uses lo even if
    your sitting in front of the box. There are no security problems,
    you just tunnel needed apps through *ssh* from remote systems and
    disallow remote access to X, as most distro do today per default.

    Please dig a bit deeper into X, before making such ridiculous
    statements.

    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 82: Yeah, yo mama dresses you funny and you need
    a mouse to delete files.

  3. Re: X

    John writes:
    >I wonder why it has not occurred to anyone in the X establishment to
    >*dump* all the network aspects from X - and just focus on the video aspect.
    >
    >I think the network aspects are *cruft* and a huge security risk in this
    >day and age. Most if not all workstations out there today are fully
    >powered computers and have no need for the network aspects. The network
    >aspects are from a time and place that is no longer relevant.
    >
    >Just for starters, X.org could fork the X distribution into two branches,
    >the current in one and just video in the new branch. If more than 6 guys
    >download the old branch, they could continue it. Otherwise, it is better
    >off *gone*.
    >
    >Other opinions?


    You're an idiot?

    --
    "Other people are not your property."
    [email me at huge [at] huge [dot] org [dot] uk]



  4. Re: X

    John wrote:
    > I wonder why it has not occurred to anyone in the X establishment to
    > *dump* all the network aspects from X - and just focus on the video aspect.
    >
    > I think the network aspects are *cruft* and a huge security risk in this
    > day and age. Most if not all workstations out there today are fully
    > powered computers and have no need for the network aspects. The network
    > aspects are from a time and place that is no longer relevant.
    >
    > Just for starters, X.org could fork the X distribution into two branches,
    > the current in one and just video in the new branch. If more than 6 guys
    > download the old branch, they could continue it. Otherwise, it is better
    > off *gone*.
    >
    > Other opinions?


    I find the network aspects wuite useful what security risks do you think
    are associated with it?


  5. Re: X

    On 04.12.2005, Michael Heiming wrote:
    > In comp.os.linux.security John :
    >> I wonder why it has not occurred to anyone in the X establishment to
    >> *dump* all the network aspects from X - and just focus on the video aspect.

    >
    >> I think the network aspects are *cruft* and a huge security risk in this
    >> day and age. Most if not all workstations out there today are fully
    >> powered computers and have no need for the network aspects. The network
    >> aspects are from a time and place that is no longer relevant.

    >
    > Err?
    >
    > X network transparency is one of it's biggest advantages, if you
    > look a bit deeper into it, you'll mention that it uses lo even if
    > your sitting in front of the box.


    Not exactly. Remember that $DISPLAY equal to ":0.0" points firstly to
    unix domain socket (/tmp/.X11-unix/X0, at least under X.Org and
    XFree86 4.3). To localhost:6000 points $DISPLAY=localhost:0.0.

    --
    Feel free to correct my English
    Stanislaw Klekot

  6. Re: X

    In comp.os.linux.security Stachu 'Dozzie' K. :
    > On 04.12.2005, Michael Heiming wrote:
    >> In comp.os.linux.security John :
    >>> I wonder why it has not occurred to anyone in the X establishment to
    >>> *dump* all the network aspects from X - and just focus on the video aspect.

    >>
    >>> I think the network aspects are *cruft* and a huge security risk in this
    >>> day and age. Most if not all workstations out there today are fully
    >>> powered computers and have no need for the network aspects. The network
    >>> aspects are from a time and place that is no longer relevant.

    >>
    >> Err?
    >>
    >> X network transparency is one of it's biggest advantages, if you
    >> look a bit deeper into it, you'll mention that it uses lo even if
    >> your sitting in front of the box.


    > Not exactly. Remember that $DISPLAY equal to ":0.0" points firstly to
    > unix domain socket (/tmp/.X11-unix/X0, at least under X.Org and
    > XFree86 4.3). To localhost:6000 points $DISPLAY=localhost:0.0.


    Yep, thx for your heads up!

    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 327: The POP server is out of Coke

  7. Re: X

    "John" wrote in message
    newsan.2005.12.04.07.13.33.175315@Somewhere.com

    > I wonder why it has not occurred to anyone in the X establishment to
    > *dump* all the network aspects from X - and just focus on the video
    > aspect.


    Probably everyone except you has a brain.

  8. Re: X

    Michael Heiming wrote:
    > In comp.os.linux.security John :
    >
    >>I wonder why it has not occurred to anyone in the X establishment to
    >>*dump* all the network aspects from X - and just focus on the video aspect.

    >
    >
    >>I think the network aspects are *cruft* and a huge security risk in this
    >>day and age. Most if not all workstations out there today are fully
    >>powered computers and have no need for the network aspects. The network
    >>aspects are from a time and place that is no longer relevant.

    >
    >
    > Err?
    >
    > X network transparency is one of it's biggest advantages, if you
    > look a bit deeper into it, you'll mention that it uses lo even if
    > your sitting in front of the box. There are no security problems,
    > you just tunnel needed apps through *ssh* from remote systems and
    > disallow remote access to X, as most distro do today per default.
    >
    > Please dig a bit deeper into X, before making such ridiculous
    > statements.
    >


    There are way too many applications built with these features in mind to
    remove them.

    There are also a fair number of hardcore *nix users who rely on this.

    Lose - Lose. Novice users gain nothing, experts lose a great deal.

    It also depends on your situation. In some cases LAN security isn't
    critical, in most X is lower on your list of concerns than say bad
    passwords or telnet.

    Besides... How else can I run xsnow on a Sparc if not remotely?

    Scott R. Haven
    Sr. Systems Engineer
    Paisley Systems Inc.
    managed services, consulting, and support
    www.paisleysystems.com


+ Reply to Thread