From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.54)
	id 1El9Sm-0004es-4c
	for garchives@archives.gentoo.org; Sat, 10 Dec 2005 18:28:52 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.5/8.13.5) with SMTP id jBAIQtpR008026;
	Sat, 10 Dec 2005 18:26:55 GMT
Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.199])
	by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id jBAIHTJ9014658
	for <gentoo-user@lists.gentoo.org>; Sat, 10 Dec 2005 18:17:30 GMT
Received: by wproxy.gmail.com with SMTP id i22so1136269wra
        for <gentoo-user@lists.gentoo.org>; Sat, 10 Dec 2005 10:17:29 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=ut2Y7/rabmXV06lqP01+TPjS5AzQLPPoCf7fvW1tAOP6SzsT2HedpSDc5oCLpovCopVHNR84PkyQHCJBNq7GOckpvIa73nRunSvo/xEzBe8bDCNlZbu/fbSZiOPDqouTf2YtCurUTBRoABIyER9e6NLWcVMwWP45KHr+fsXkMh0=
Received: by 10.54.102.13 with SMTP id z13mr6299919wrb;
        Sat, 10 Dec 2005 10:17:29 -0800 (PST)
Received: by 10.54.67.8 with HTTP; Sat, 10 Dec 2005 10:17:29 -0800 (PST)
Message-ID: <7573e9640512101017h471241d8r180a489d76d47bbe@mail.gmail.com>
Date: Sat, 10 Dec 2005 11:17:29 -0700
From: Richard Fish <bigfish@asmallpond.org>
Sender: richard.j.fish@gmail.com
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] advice on security and keyloggers
In-Reply-To: <439A4802.4070705@nethere.com>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Disposition: inline
References: <439A4802.4070705@nethere.com>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by robin.gentoo.org id jBAIHTJ9014658
X-Archives-Salt: 132c5b33-a7e8-42c1-96fb-361ece0ec180
X-Archives-Hash: 6d317aef50fce9448df3f0edb0ad15a0

On 12/9/05, Jerry Turba <jturba@nethere.com> wrote:
> Should I be safe if I keep up on updates and the glsa?

As long as your X configuration is reasonably secure, yes.  But if you
do something silly like run "xhost +", then any remote user can
connect to your X server with xev and log keystrokes.

Generally though if you stick with the default configuration, keep
current with security updates, and avoid running services you don't
need, you have nothing to worry about.

-Richard

-- 
gentoo-user@gentoo.org mailing list