Security is not having to say "how high?" when someone says jump!
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Miroslav Kubik Sent: Monday, August 29, 2005 4:54 AM To: misc@openbsd.org Subject: Re: Shouldn't OpenBSD X11 come out with "-nolisten tcp" as default? In my opinion, it is better to have it disabled as default. Nothing is without bugs. So if we want most secure OS we should disable this function. If you need it. Enable it. MK ----- Original Message ----- From: "Han Boetes" <[EMAIL PROTECTED]> To: <misc@openbsd.org> Sent: Monday, August 29, 2005 11:32 AM Subject: Re: Shouldn't OpenBSD X11 come out with "-nolisten tcp" as default? Vladislav Belogrudov wrote: > I thought it would make sence for most secure OS. > One port less listening the World. It's not a security problem to have an open port. It's a security problem to have a bad server listening to an open port. And since nobody knows about a problem with the X server, not even the people who have very deep knowledge about X and about security you can safely assume it's OK to have that port open by default. Now if you don't trust any of all those experts and you want to close that port for your own machine that's fine, but don't ask the experts to trust on your intuition while they are providing the OS in the first place. # Han
