“Writing a tips article is tricky. Especially for such a hallowed and ‘hardcore’ distribution as Slackware. Veteran users want incredibly good tips. New users considering giving Slack a whirl, and who may be afraid of the BSD-style and command line mystique, want tips that bring accessibility and understanding to Slackware. Find that balance here. From simple bash techniques, to assuring your anonynimity on public Wi-Fi, this article will walk you through the Slackware tips most valuable to you.”
this was a great read — different types of tips than you normally read about. good job.
I love my slackware…
I do love Slackware too, but am very concerned about suggesting:
xhost +
to allow “root” to start x-window applications. 8-(
Much better alternatives are:
“xauth extract …” and “xauth merge ..”
or, even better
“ssh -X root@localhost”
The problem with “xhost +” is, that it allows *everyone on the net* to do whatever he/she likes to your X-Server:
– copy the desktop to his/her machine
– read the contetent of all your windows
– close every window on your machine
– send every window to your machine (forged root logins)
– …
You’re right, perhaps to paranoid
xhost also allows connection from a specific host, I think this would be better: xhost +`cat /etc/HOSTNAME`
Even if you are not paranoid, it doesn’t mean they’re not after you. 😉
“xhost” is *defenetly* a bad idea!
The wrong idea with “xhost” is that it is “hostbound”, like rhosts and rsh/rlogin/…
This should not be used!
Whats wrong with using *secure* tools?
“xauth” is more secure than “xhost” because it is “userbound” and “ssh -X root@localhost” is even more secure and even *more convinient*.
Please take a look at http://www.tldp.org/HOWTO/Remote-X-Apps.html
The big risk with “xhost” is that the machine doesn’t have to authenticate itself, in contrast to userbound authenication.
*Every* user on a accepted machine can abuse the X-Server: nobody, root, crackerjack, whatever.
But why bother with beeing logged in: Lets rename my machine, so it is allowd to mess with the X-Server.
Doesn’t work? Let’s send forged packages, that will do…
Even “xhost +localhost” is a bad idea, because it opens a gaping security hole.
Use “xauth” or “ssh -X root@localhost”. If you generate ssh keys you can even log into root *without* password. This is *secure* (!) as long as you keep your privat ssh key secure.
Though I don’t recommend this, it is much better than using “xhost”.
Thanks to everyone for the input! Convenience is not a subsitute for security.
– dual
The author says: “You don’t need my MAC, nor does the owner of the hotspot need my MAC.”
Yes ofcourse he needs it, by what other means do you want to get your IP address assigned ?!! walk to the coffee counter and ask for a static IP with the venti mocha ?
Go grab a textbook on computer networking and look for the section where it says Multiple Access Protocols.
The article clearly states that “So you are going to use a MAC address, just not the one that came with your wireless card.”
Greate one …thx
I just use “xhost local:” to give permission to local connections only. I think that’s pretty safe. Correct me if I’m wrong.