Security flaw in X.org/XFree?

[ilia_kr]

An interesting article i found at: Theo de Raadt (the founder of OpenBSD) criticises X.org/XFree

[ianw1974]

Most systems have bugs at some point, which get plugged and fixed. SSH has recently had such vulnerabilities.

 

Best thing is to use a firewall, to stop access to the vulnerabilities. Luckily my dsl router has a firewall built-in, but then I also have a hardware firewall behind this, because my original router didn't have a firewall, but NAT only, which in itself does help protect you more than just a standard internet connection using a USB DSL modem or similar.

 

Software firewalls are then next, and since we have Linux, we have shorewall, which is the bees knees. So as long as you have this, you shouldn't really have a problem, providing it's configured correctly :P

[ilia_kr]

Sure, you're right, but do you agree with this concept? Is it really a bug?

[tyme]

I wouldn't say it's a bug since it's being done purposely. A bug is unintentional. And besides, some process will have to have direct access to the devices anyways, so the hole will always be there in some form or another.

[ianw1974]

Most likely a feature :P

[ilia_kr]

The author compares X server operation to MS graphycs mechanism, and sais that running graphycs is better under the supervision of an OS. Is it? I think that X way is faster. Also, how does the GUI works in BSD?

[iphitus]

The author compares X server operation to MS graphycs mechanism, and sais that running graphycs is better under the supervision of an OS. Is it? I think that X way is faster. Also, how does the GUI works in BSD?

 

because of it's design, X has forced *bsd to allow it do