Slackware 10.2 Tips
Linked by Thom Holwerda on Sat 24th Sep 2005 19:32 UTC, submitted by Disposable
Slackware, Slax "Writing a tips article is tricky. Especially for such a hallowed and 'hardcore' distribution as Slackware. Veteran users want incredibly good tips. New users considering giving Slack a whirl, and who may be afraid of the BSD-style and command line mystique, want tips that bring accessibility and understanding to Slackware. Find that balance here. From simple bash techniques, to assuring your anonynimity on public Wi-Fi, this article will walk you through the Slackware tips most valuable to you."
E-mail Print r 0   9 Comment(s) http://osne.ws/98r
Order by: Score:
Add Comment Post a Comment
nice article
by Anonymous on Sat 24th Sep 2005 21:02 UTC
Anonymous
Member since:
---

this was a great read --- different types of tips than you normally read about. good job.

I love my slackware... ;)

Reply Score: 0

dangerous suggestion: xhost +
by Anonymous on Sat 24th Sep 2005 22:22 UTC
Anonymous
Member since:
---

I do love Slackware too, but am very concerned about suggesting:
xhost +
to allow "root" to start x-window applications. 8-(

Much better alternatives are:
"xauth extract ..." and "xauth merge .."
or, even better
"ssh -X root@localhost"

The problem with "xhost +" is, that it allows *everyone on the net* to do whatever he/she likes to your X-Server:
- copy the desktop to his/her machine
- read the contetent of all your windows
- close every window on your machine
- send every window to your machine (forged root logins)
- ...

Reply Score: 3

RE: dangerous suggestion: xhost +
by Anonymous on Sat 24th Sep 2005 23:55 UTC in reply to "dangerous suggestion: xhost +"
Anonymous Member since:
---

You're right, perhaps to paranoid ;)
xhost also allows connection from a specific host, I think this would be better: xhost +`cat /etc/HOSTNAME`

Reply Score: 0

Anonymous Member since:
---

Even if you are not paranoid, it doesn't mean they're not after you. ;-)

"xhost" is *defenetly* a bad idea!

The wrong idea with "xhost" is that it is "hostbound", like rhosts and rsh/rlogin/...

This should not be used!

Whats wrong with using *secure* tools?
"xauth" is more secure than "xhost" because it is "userbound" and "ssh -X root@localhost" is even more secure and even *more convinient*.
Please take a look at http://www.tldp.org/HOWTO/Remote-X-Apps.html

The big risk with "xhost" is that the machine doesn't have to authenticate itself, in contrast to userbound authenication.
*Every* user on a accepted machine can abuse the X-Server: nobody, root, crackerjack, whatever.
But why bother with beeing logged in: Lets rename my machine, so it is allowd to mess with the X-Server.
Doesn't work? Let's send forged packages, that will do...

Even "xhost +localhost" is a bad idea, because it opens a gaping security hole.

Use "xauth" or "ssh -X root@localhost". If you generate ssh keys you can even log into root *without* password. This is *secure* (!) as long as you keep your privat ssh key secure.
Though I don't recommend this, it is much better than using "xhost".

Reply Score: 2

Article is fixed.
by Anonymous on Sun 25th Sep 2005 07:54 UTC
Anonymous
Member since:
---

Thanks to everyone for the input! Convenience is not a subsitute for security.

- dual

Reply Score: 1

v MAC address
by Anonymous on Sun 25th Sep 2005 12:31 UTC
RE: MAC address
by Peter on Sun 25th Sep 2005 12:41 UTC in reply to "MAC address"
Peter Member since:
2005-07-06

The article clearly states that "So you are going to use a MAC address, just not the one that came with your wireless card."

Reply Score: 2

hmmm...
by Anonymous on Sun 25th Sep 2005 12:47 UTC
Anonymous
Member since:
---

Greate one ...thx

Reply Score: 0

About xhost
by Anonymous on Sun 25th Sep 2005 15:31 UTC
Anonymous
Member since:
---

I just use "xhost local:" to give permission to local connections only. I think that's pretty safe. Correct me if I'm wrong.

Reply Score: 0

Add Comment Post a Comment