From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-xfree-return-17191-listarch-cygwin-xfree=sources.redhat.com@cygwin.com>
Received: (qmail 5588 invoked by alias); 19 Nov 2003 21:12:27 -0000
Mailing-List: contact cygwin-xfree-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Subscribe: <mailto:cygwin-xfree-subscribe@cygwin.com>
List-Archive: <http://sources.redhat.com/ml/cygwin-xfree/>
List-Post: <mailto:cygwin-xfree@cygwin.com>
List-Help: <mailto:cygwin-xfree-help@cygwin.com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-xfree-owner@cygwin.com
Mail-Followup-To: cygwin-xfree@cygwin.com
Reply-To: cygwin-xfree@cygwin.com
Received: (qmail 5578 invoked from network); 19 Nov 2003 21:12:25 -0000
Received: from unknown (HELO smtp.web.de) (217.72.192.209)
  by sources.redhat.com with SMTP; 19 Nov 2003 21:12:25 -0000
Received: from [217.81.231.239] (helo=schlepptopp)
	by smtp.web.de with smtp (WEB.DE 4.99 #516)
	id 1AMZbz-00015k-00; Wed, 19 Nov 2003 22:11:44 +0100
Message-ID: <05ac01c3aee2$528dea20$2000000a@schlepptopp>
From: "roland@webde" <devzero@web.de>
To: "Alan Coopersmith" <Alan.Coopersmith@Sun.COM>
Cc: "Keith Whitwell" <keith@tungstengraphics.com>,
	"Keith Packard" <keithp@keithp.com>,
	<cygwin-xfree@cygwin.com>,
	<xserver@pdx.freedesktop.org>
References: <E1AMJiO-0000K0-00@evo.keithp.com> <3FBB269A.9080306@tungstengraphics.com> <054901c3ae7f$16b6bc60$2000000a@schlepptopp> <3FBBC5C8.9030808@Sun.COM>
Subject: Re: security, cvs, was Re: interface bindings of x-server
Date: Wed, 19 Nov 2003 21:12:00 -0000
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
X-SW-Source: 2003-11/txt/msg00285.txt.bz2
List-Id: <cygwin-xfree.sourceware.org>

hi !

> > the only chance to get rid of it, is to use unix domain socket (via -nolisten tcp)  OR to
> > add the option, to specify the interface bindings and be able to bind it to local loopback
> > ONLY. I`d prefer the second one.
> 
> Why?  What benefit does a TCP loopback connection provide over the Unix
> domain socket (which is generally faster on most OS'es)?
the benefit would be compatibility, IMHO.
think of a scenario where cygwin/xfree86 + native win32 ssh client are combined. i`m sure, this isn`t too 
exotic - e.g. i know a _LOT_ of people who do ssh-tunneling via native win32 ssh client "putty" in combination 
with a local separate xserver on their windoze box. does anybody know if any "native" or "non cygwin based" ssh client 
on windows is able to use cygwin/xfree86 unix domain socket on win32 machine? i`m not sure - but i don`t think so.

but, anyway - being able to bind to 127.0.0.1 would be just ONE "special case" of a more general "dedicated interface 
binding feature". nobody says , that you _should_ use 127.0.0.1 - but you always would have an option, to do so.
i`m sysadmin - i like options. ;)

> > feature seems to be in tightvnc already - so maybe we need just some code transfer (since vnc is xfree86
> > based) ? ;)
> 
> Only if the original author of the tightvnc changes agrees to
> distribute under the X license instead of tightvnc's GPL.
oh - pardon! sure! thanks for bringing that back to my mind that this needs to be adressed!
i`m currently digging into tightvnc to get sure it IS the appropriate code at all.

regards
roland