LDM_DIRECTX=yes by default?

[Robert Arkiletian]

On Thu, Jul 3, 2008 at 10:16 AM, Warren Togami <wtogami at redhat.com> wrote:
...
> This is bad for security, but if our goal is to have something usable
> out-of-the-box in a similar fashion to how K12LTSP was, then perhaps we
> should do it?
>
> How do people feel about this?
>

Not sure how one would exploit this security hole? So traffic is not
encrypted. It travels from the client to the switch to the server. How
is someone on another client or even with a laptop on the lan going to
sniff keystrokes? If they fake the MAC address of a client that X
session will break anyway. Unless one is root on the server and
captures traffic with wireshark on the internal nic I can't see how to
spy on the traffic.

With ldm_directx=yes
My only concern is if I can safely su to root from a client without
having to worry about some clever kid sniffing my root password.

If this is not safe then please enlighten me as to the exploit method
as security through obscurity is no security.

-- 
Robert Arkiletian
Eric Hamber Secondary, Vancouver, Canada
Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/
C++ GUI tutorial http://www3.telus.net/public/robark/