Re: make gnome listen on localhost:*

From: Chris Evans <chris ferret lmh ox ac uk>
To: Stephen Cimarelli <stephen clari net au>
Cc: gnome-list gnome org
Subject: Re: make gnome listen on localhost:*
Date: Fri, 16 Jun 2000 00:16:01 +0100 (BST)

On Fri, 16 Jun 2000, Stephen Cimarelli wrote:

> Hi all I have not been following this very closly
> but I have a question, Does ORBit support the /etc/host.allow file
> if so would it then be a procces of having the default entries in
> host.allow to only allow
> localhost and to deny all other hosts.
> 
> or am I simplifying the probleem to much

Not at all.

However why go to the trouble of listening on a socket if it's disabled by
default. Represent the default disable by not listening ;-)

Why bother to allow localhost? After all, valid connections across
localhost will use UNIX sockets (which are more secure due to being in a
secure directory). In fact allowing localhost is still a risk - might
allow a 2nd stage in a 2 stage attack where stage 1 gets a shell

Cheers
Chris

Follow-Ups:
- Re: make gnome listen on localhost:*
  - From: Stephen Cimarelli

References:
- Re: make gnome listen on localhost:*
  - From: Stephen Cimarelli

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]