Using XOrg on a FreeBSD Server
Roland Smith
rsmith at xs4all.nl
Tue Nov 16 18:41:07 UTC 2010
On Tue, Nov 16, 2010 at 07:14:35PM +1300, Logan Moore wrote:
> I'm looking for some advice from some of the pro's here.
>
> I've set up FreeBSD on one of my servers, and I have a nice 24" 1920x1200
> monitor plugged into it.
Does it have a decent video card that is supported by Xorg and can actually
drive it?
> It seems a shame to be wasting such a decent
> monitor on a simple black and white terminal, so I've been contemplating
> installing XOrg on the server to get a bit of extra functionality from the
> terminals. I'm not thinking KDE or Gnome... just a simple window manager
> like one of the *box's or even just straight up xdm running terminals and
> maybe some basic GUI tools like a text editor/file manager.
Be aware that the modular Xorg consists of a lot of ports. A quick & dirty count
('pkg_info -rx xorg- | grep Dependency|sort|uniq|wc -l') gives 139 ports
required by xorg.
> Should I be concerned about any security implications from using XOrg?
Xorg requires write access to /dev/mem and /dev/io, which doesn't work if you
are running in secure mode (kern.securelevel > 1). I think it will work if you
raise the securelevel after starting X. But you cannot restart X.
Also, x-terminals like xterm or urxvt are usually installed setuid root.
By default, Xorg also listens for network connections. You can disable this by
adding the '-nolisten tcp' option to the X server arguments, e.g. use 'startx
-- -nolisten tcp'.
> Are there any reasons why I definitely should avoid installing XOrg?
Depends on how paranoid you are, I guess. :-) One could take the position that
every added application is a possible security hole, and that a server should
only have the applications and libraries required for its tasks installed.
Roland
--
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-x11/attachments/20101116/12b6f9fc/attachment.pgp
More information about the freebsd-x11
mailing list