[vox-tech] xhost+: Why you should NEVER DO THAT
Richard Harke
rharke at earthlink.net
Fri Mar 18 18:08:04 PST 2005
On Friday 18 March 2005 16:12, Karsten M. Self wrote:
> The history of secure applications development is largely divided into
> two groups:
>
> 1. Those who anticipate hostile environments, design for scenarios in
> which no two components trust one another, and correctly implement
> failsafe, trust, integrity, and encryption procedures.
>
> 2. Those who've been the source of multiple compromises.
>
>
> Paranoia pays off here. Safe practices pay off. Even those who _are_
> paranoid and cautious suffer breakins (the good ones will let you know
> that this has happened). The truely frightening are those who deny the
> problem exists _and_ fail to recongize a compromise when they see it.
>
When I first installed firefox it refused to run. After googling about I found
the advice to do xhost +. Based on this thread I should have rejected the
advice leaving me with two alternatives:
1: download the firefox source and debug it.
2: apt-get purge firefox (followed by a nasty email to somewhere)
Richard Harke
More information about the vox-tech
mailing list