Security concerns about xfce4-session

Benedikt Meurer benedikt.meurer at unix-ag.uni-siegen.de
Thu Mar 3 18:54:51 CET 2005


Coywolf Qi Hunt wrote:
>>>Just now when I nmap'ed my box, I noticed, xfce4-session was listening
>>>on tcp port: 1025.
>>>Is this normal? After I restart the whole X, xfce4-session no longer
>>>listens on any tcp port just as the usual case. (This is in debian,
>>>and the scripts do not append --disable-tcp to xfce4-session.)
>>>
>>>why this happened? any idea?
>>
>>Uncheck Settings Manager -> Session and Startup -> Advanced -> Security
>>-> [ ] Manage remote applications
> 
> This is still xfce4.0.6. Do you mean in xfce-setting-show or it's not
> featured in old xfce4?
> I cannot see it.

xfce4-session wasn't part of Xfce 4.0.x, instead the Debian people 
included a pre-alpha release of xfce4-session, which isn't supported. 
You should really upgrade to 4.2.0.

Benedikt



More information about the Xfce4-dev mailing list