[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Aperture, security
Peter Fairbrother wrote (in a message from Monday 17)
> Thanks for the reply. I *have* to use X, and was wondering if there was a
> known way to eliminate that risk.
Use better designed hardware, like sparc, or macppc. On sparc the
aperture driver is not used at all, on macppc or sparc64 it only gives
access to the video card's memory.
You can also try to adapt the sparc64 vgafb driver to i386 if you
don't want to support ISA/VLB VGA cards (or buggy earlier PCI cards
that forgot to claim some of their memory space in PCI configuration
> > start the X server with the '-nolisten tcp' option (either from
> > /etc/X11/xdm/Xservers, or using a .xserverrc with startx). See the
> > Xserver(1) man page for details.
> Thanks, I should have thought of that. I'd still like to remove the code
> that permits that function, rather than just switching it off.
You can '#define ConnectionFlags -DUNIXCONN' in host.def, and
rebuild X. It may need some tweaks to compile though.