[vox-tech] xhost+: Why you should NEVER DO THAT
Jonathan Stickel
jjstickel at sbcglobal.net
Fri Mar 18 18:12:35 PST 2005
Richard Harke wrote:
> On Friday 18 March 2005 16:12, Karsten M. Self wrote:
>
>>The history of secure applications development is largely divided into
>>two groups:
>>
>> 1. Those who anticipate hostile environments, design for scenarios in
>> which no two components trust one another, and correctly implement
>> failsafe, trust, integrity, and encryption procedures.
>>
>> 2. Those who've been the source of multiple compromises.
>>
>>
>>Paranoia pays off here. Safe practices pay off. Even those who _are_
>>paranoid and cautious suffer breakins (the good ones will let you know
>>that this has happened). The truely frightening are those who deny the
>>problem exists _and_ fail to recongize a compromise when they see it.
>>
>
> When I first installed firefox it refused to run. After googling about I found
> the advice to do xhost +. Based on this thread I should have rejected the
> advice leaving me with two alternatives:
>
> 1: download the firefox source and debug it.
>
> 2: apt-get purge firefox (followed by a nasty email to somewhere)
>
Have you tried firefox directly downloaded from Mozilla.org?
More information about the vox-tech
mailing list