Bug 194252

Summary:

x11/slim: tighten security on default config

Product:

Ports & Packages

Reporter:

Uffe Jakobsen <uffe>

Component:

Individual Port(s)

Assignee:

Guido Falsi <madpilot>

Status:

Closed FIXED

Severity:

Affects Some People

CC:

henry.hu.sh, madpilot

Priority:

---

Flags:

uffe: maintainer-feedback? (henry.hu.sh)

Version:

Latest

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
slim.patch.txt	none

Description Uffe Jakobsen 2014-10-08 19:33:06 UTC

Created attachment 148111 [details]
slim.patch.txt

The security in default sample config file for x11/slim ((/usr/local/etc/0slim.conf.sample)) seems a little sloppy.

By default slim will start up X listening on tcp port 6000

The attached patch for the sample config file adds "-nolisten tcp" to the start up arguments for X

Comment 1 Bugzilla Automation freebsd_committer

2014-10-08 19:33:06 UTC

Maintainer CC'd

Comment 2 John Marino freebsd_committer

2014-10-31 19:20:09 UTC

This PR timed out; maintainer approval no longer required.
Moving to patch-ready pool.

Comment 3 Henry Hu 2014-10-31 23:30:37 UTC

Approved. Please commit this.

Comment 4 Guido Falsi freebsd_committer

2014-11-02 09:44:22 UTC

Committed. Thanks.

Comment 5 commit-hook freebsd_committer

2014-11-02 09:44:54 UTC

A commit references this bug:

Author: madpilot
Date: Sun Nov  2 09:44:03 UTC 2014
New revision: 372060
URL: https://svnweb.freebsd.org/changeset/ports/372060

Log:
  - Modify sample config to not listen on the net by default [1]
  - Fix paths in man page [2]
  - While here, silence some portlint warnings and modernize plist

  PR:		194252 [1], 194518 [2]
  Submitted by:	uffe at uffe.org [1]
  			adrian@ [2]
  Approved by:	Henry Hu <henry.hu.sh at gmail.com> (maintainer)

Changes:
  head/x11/slim/Makefile
  head/x11/slim/files/patch-slim.1
  head/x11/slim/files/patch-slim.conf
  head/x11/slim/pkg-plist