single linux box on dsl?
Tom 'Needs A Hat' Mitchell
mitch48 at sbcglobal.net
Fri May 14 22:17:41 UTC 2004
On Fri, May 14, 2004 at 03:38:58PM -0400, Jeremy Brown wrote:
> Tom 'Needs A Hat' Mitchell wrote:
> >On Thu, May 13, 2004 at 10:32:27AM -0400, Jay Daniels wrote:
> >
....
> >Not really. X-Windows uses networking.
> >
> >However X is happy to use only the 127.0.0 localhost (loopback)
> >network and does not need to connect to or accept connections
> >from networks to the outside world.
> >
> >
> Not to nitpick, but we just had a thread about this. X11 mostly uses
> UNIX domain sockets for local communication (file-based, they reside in
> "/tmp" if you're curious). TCP-based communication (i.e. "using ports")
> is disabled by default in Fedora.
Nitpicking is good.
I learned some stuff in this discussion.

When the client is using DISPLAY set thus:
    $ echo $DISPLAY
    :1.0
I see "socket(PF_UNIX, SOCK_STREAM, 0)" in the system call trace of a
client. (PF_UNIX, PF_LOCAL Local communication)

and when the client is using DISPLAY set thus:
    $ echo $DISPLAY
    localhost:1.0
I see "socket(PF_INET, SOCK_STREAM, IPPROTO_IP)" in the system call
trace of a client (PF_INET IPv4 Internet protocols). And this does fail
unless I tell

and when I ssh in I see DISPLAY set thus:
    $ echo $DISPLAY
    localhost:11.0
I see "socket(PF_INET, SOCK_STREAM, IPPROTO_IP)"....

So I stand corrected -- while all the communications are
done with sockets, local communication need not use
TCP any more.

By tinkering with /etc/X11/gdm/gdm.conf
$ diff gdm*
162d161
> DisallowTCP=false
remote access ports will be opened by gdm that can then in turn be
blocked by packet/port filters. Other window managers (there are
lots) may act or be configured differently.
--
T o m M i t c h e l l
/dev/null the ultimate in secure storage.
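
Added example, not part of the original message: a simplified Python model of the DISPLAY behaviour traced above, plus two checks an administrator can run to see whether gdm has been told to allow TCP and whether anything accepts connections on the resulting port. The function names are made up for this example; TCP port 6000+N and /tmp/.X11-unix/X<N> are the usual X11 conventions, and only DISPLAY values of the form [host]:N[.S] are handled.

```python
import re
import socket

X11_TCP_BASE = 6000              # X display N listens on TCP port 6000+N
X11_UNIX_DIR = "/tmp/.X11-unix"  # display N's local socket is X<N> here
_DISPLAY = re.compile(r"^([^:]*):(\d+)(?:\.\d+)?$")


def display_transport(display):
    """Return (family, target) for a DISPLAY value such as ':1.0'."""
    m = _DISPLAY.match(display)
    if m is None:
        raise ValueError(f"unsupported DISPLAY: {display!r}")
    host, number = m.group(1), int(m.group(2))
    if host in ("", "unix"):
        # No host part: the client opens the local UNIX domain socket.
        return "PF_UNIX", f"{X11_UNIX_DIR}/X{number}"
    # Any host part, even localhost, means a TCP connection.
    return "PF_INET", (host, X11_TCP_BASE + number)


def gdm_allows_tcp(conf_text):
    """True/False from the last active DisallowTCP line, None if unset."""
    allowed = None
    for line in conf_text.splitlines():
        # Lines commented out with '#' do not match.
        m = re.match(r"\s*DisallowTCP\s*=\s*(\w+)", line)
        if m:
            allowed = m.group(1).lower() == "false"
    return allowed


def tcp_port_accepts(host, port, timeout=1.0):
    """Report whether something accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    # Constructed DISPLAY values matching the three cases in the post.
    for value in (":1.0", "localhost:1.0", "localhost:11.0"):
        family, target = display_transport(value)
        line = f"{value:16} {family:8} {target}"
        if family == "PF_INET":
            line += f"  accepting={tcp_port_accepts(*target)}"
        print(line)
    # Constructed gdm.conf fragment with the setting shown in the post.
    print("gdm allows TCP:", gdm_allows_tcp("#DisallowTCP=true\nDisallowTCP=false\n"))
```

A PF_INET result with accepting=True on a non-loopback address is the case that needs a packet filter rule in front of it.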