This is the mail archive of the
cygwin-xfree@cygwin.com
mailing list for the Cygwin XFree86 project.
Re: security, cvs, was Re: interface bindings of x-server
hi !
> > the only chance to get rid of it, is to use unix domain socket (via -nolisten tcp) OR to
> > add the option, to specify the interface bindings and be able to bind it to local loopback
> > ONLY. I`d prefer the second one.
>
> Why? What benefit does a TCP loopback connection provide over the Unix
> domain socket (which is generally faster on most OS'es)?
the benefit would be compatibility, IMHO.
think of a scenario where cygwin/xfree86 + native win32 ssh client are combined. i`m sure, this isn`t too
exotic - e.g. i know a _LOT_ of people who do ssh-tunneling via native win32 ssh client "putty" in combination
with a local separate xserver on their windoze box. does anybody know if any "native" or "non cygwin based" ssh client
on windows is able to use cygwin/xfree86 unix domain socket on win32 machine? i`m not sure - but i don`t think so.
but, anyway - being able to bind to 127.0.0.1 would be just ONE "special case" of a more general "dedicated interface
binding feature". nobody says , that you _should_ use 127.0.0.1 - but you always would have an option, to do so.
i`m sysadmin - i like options. ;)
> > feature seems to be in tightvnc already - so maybe we need just some code transfer (since vnc is xfree86
> > based) ? ;)
>
> Only if the original author of the tightvnc changes agrees to
> distribute under the X license instead of tightvnc's GPL.
oh - pardon! sure! thanks for bringing that back to my mind that this needs to be adressed!
i`m currently digging into tightvnc to get sure it IS the appropriate code at all.
regards
roland