Date:      Tue, 23 Apr 2002 20:01:39 -0400
From:      Garance A Drosihn <drosih@rpi.edu>
To:        "Greg 'groggy' Lehey" <grog@FreeBSD.ORG>, Jochem Kossen <j.kossen@home.nl>
Cc:        hackers@FreeBSD.ORG
Subject:   Re: Security through obscurity? (was: ssh + compiled-in SKEY support considered harmful?)
Message-ID:  <p0511170db8eba170cfda@[128.113.24.47]>
In-Reply-To: <20020424084444.N6425@wantadilla.lemis.com>
References:  <rwatson@FreeBSD.ORG> <200204231009.51297.j.kossen@home.nl> <20020423183452.M6425@wantadilla.lemis.com> <200204231206.01451.j.kossen@home.nl> <20020424084444.N6425@wantadilla.lemis.com>

At 8:44 AM +0930 4/24/02, Greg 'groggy' Lehey wrote:
>On Tuesday, 23 April 2002 at 12:06:01 +0200, Jochem Kossen wrote:
>  >>> *shrug* I was the one who sent in the patch. It was added
>  >>> some time around 2001/10/26 to the XFree86-4 megaport. When
>  >>> the metaport was created, the patch was incorporated too.
>  >>>
>  >>> A simple 'man startx' should have cleared your mind:
>  >>>
>  >> Well, yes.  But I've been using X for 11 years.  Why should I
>  >> have to read the man page to find changes?

I think the first thing we need to do, before we get too worked
up, is stop talking to Jochem about it.  All he did was send in
a PR with a suggestion.  He's not responsible for the change
being committed into the system.


>  >> How do I know which man page to read?
>  >>
>  > You start X with startx, seems obvious to me. The disabling
>  > of tcp connections only applies to startx
>
>I don't stay with startx.  Next I go to xinit, then to Xwrapper,
>then to X.  All of these work fine.  When I try to start an xterm,
>nothing happens.

This is where we (the FreeBSD project) need to take a bit more
time when we are making a change like this.  I think it makes
little difference whether we document the change in UPGRADING,
or man pages, or "heads up" on the mailing lists, or errata.html
pages on the web site.  There will always be some people who are
not going to see documentation like that, because it's too far
"out of the way" of what they are doing.

What we need, in this case, is something which gives the user
the information when they do that *xterm* -- i.e., at the time
of failure, to the person who is seeing the failure.

For the case of 'startx -listen_tcp', this might suggest that
if a person uses startx without -listen_tcp, then startx should
(one way or another) start some process which *does* listen for
an incoming connection, and does nothing but tell the user
(one way or another...) when that connection comes in.

Yes, that's a bit of work.  However, it is also a bit of work
when someone (like Greg) wastes six hours of a day trying to
understand why something "broke".  That's a very frustrating
six hours of work, and it's also very useless.  His six hours
of work won't help anyone else when they have to track down
the same issue.

A simpler solution might be to at least have startx print out
a message (somewhere) which mentions the change when it is
started up.  Maybe print it out only once per userid.

I realize that I am being a little vague with these suggestions,
but I don't use X all that much, so I'm not sure what the best
idea would be.  But I do think it is reasonable for FreeBSD to
make changes like this, and I do think that *if* we make changes
like this then we need to think about how we can best get info
about the change to all the people who really *are* affected by
the change, and get the info to them when they need it.

-- 
Garance Alistair Drosehn            =   gad@gilead.netel.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu
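
Added example, not part of the original message or of any FreeBSD or XFree86 code: a minimal sketch of the "process which does nothing but tell the user" idea above. It assumes the usual convention that display :N takes TCP port 6000+N; `TcpNotifier`, `notice_text` and the notice wording are hypothetical, and the listener reads no client data.

```python
import socket
import threading

X_TCP_BASE = 6000  # assumption: display :N conventionally uses TCP port 6000+N


def notice_text(display, peer):
    """Build the message shown to the local user (wording is constructed)."""
    return (f"X connection attempt from {peer[0]}:{peer[1]} to display "
            f":{display} was not served: startx was run without -listen_tcp, "
            "so the X server is not accepting TCP clients. See 'man startx'.")


class TcpNotifier:
    """Hypothetical helper: occupies the port the X server no longer opens
    and reports each attempt instead of speaking the X protocol."""

    def __init__(self, display=0, host="0.0.0.0", port=None, notify=print):
        self.display = display
        self.notify = notify  # e.g. print, syslog, or a console writer
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((host, X_TCP_BASE + display if port is None else port))
        self.sock.listen(5)
        self.port = self.sock.getsockname()[1]

    def serve(self, max_conns=None):
        handled = 0
        while max_conns is None or handled < max_conns:
            conn, peer = self.sock.accept()
            conn.close()  # never read from the client; only report the attempt
            self.notify(notice_text(self.display, peer))
            handled += 1
        self.sock.close()
        return handled


def demo():
    """Constructed local test: one loopback connection on an ephemeral port."""
    notices = []
    n = TcpNotifier(display=0, host="127.0.0.1", port=0, notify=notices.append)
    t = threading.Thread(target=n.serve, kwargs={"max_conns": 1})
    t.start()
    socket.create_connection(("127.0.0.1", n.port), timeout=5).close()
    t.join(timeout=5)
    return notices


if __name__ == "__main__":
    print(demo()[0])
```
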
