[Bug 101337] New - garnome web site recommends people run Xnest in an insecure fashion

[bugzilla-daemon widget gnome org]

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

http://bugzilla.gnome.org/show_bug.cgi?id=101337

Changed by james daa com au 

--- shadow/101337	Mon Dec 16 04:45:39 2002
+++ shadow/101337.tmp.12839	Mon Dec 16 04:45:39 2002
@@ -0,0 +1,36 @@
+Bug#: 101337
+Product: GARNOME
+Version: unspecified
+OS: All
+OS Details: 
+Status: NEW   
+Resolution: 
+Severity: normal
+Priority: Normal
+Component: general
+AssignedTo: jdub perkypants org                            
+ReportedBy: james daa com au               
+QAContact: garnome-list gnome org
+TargetMilestone: ---
+URL: 
+Summary: garnome web site recommends people run Xnest in an insecure fashion
+
+The GARNOME web site recommends the following to run gnome in an Xnest:
+  Xnest :1 -ac -geometry 800x600 &
+  export PATH=$HOME/garnome/bin:$PATH
+  export LD_LIBRARY_PATH=$HOME/garnome/lib:$LD_LIBRARY_PATH
+  export GDK_USE_XFT=1
+  DISPLAY=:1 $HOME/garnome/bin/gnome-session &
+
+This is equivalent of running "xhost +" on your server and leaves it
+completely open to anyone who can connect (ie. all other users on the
+system and depending on firewall settings, everyone on the internet).
+
+A better set of commands is:
+  export PATH=$HOME/garnome/bin:$PATH
+  export LD_LIBRARY_PATH=$HOME/garnome/lib:$LD_LIBRARY_PATH
+  export GDK_USE_XFT=1
+  startx $HOME/garnome/bin/gnome-session -- Xnest :1 -geometry 800x600
+
+startx will handle setting up the XAuth tokens and starting the xnest for
+you, and will kill the X server when gnome-session exits.