On Fri, Jan 18, 2008 at 03:14:05PM +0000, Alexey Vatchenko wrote:
> On 2008-01-18, Tony Abernethy <[EMAIL PROTECTED]> wrote:
> > Alexey Vatchenko wrote:
> >> On 2008-01-18, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> >> > On Thu, Jan 17, 2008 at 06:24:16PM -0700, Clint Pachl wrote:
> >> >> If you want security, get rid of X.
> >> >>
> >> > Even if it's OpenBSD's X? The one that you need should you need to
> >> > build any ports (including if you follow current and need
> >> security fixes
> >> > to any ports)?
> >>
> >> http://marc.info/?l=openbsd-misc&m=114738577123893&w=2
> >
> > Making X and no-X versions of everything has gotta be a pain.
> > The security problem with X is that the (blobby?) video
> > card has got better access to memory than the OS.
>
> The problem is not in blobbyness (all drivers that come with OpenBSD are open
> sourced), the problem is that the userland program (X server) has access to
> the
> things that must be allowed only to kernel.
To build ports, you need to have X installed. But there's no need to run it.
-Otto
