[arch-general] mate-session listening socket lockdown
Troy Engel
troyengel+arch at gmail.com
Thu Apr 16 16:52:46 UTC 2015
Doing a little hardening, I notice on my workstations that
'mate-session' activates a user-level listening socket on 0.0.0.0 that
you can telnet into and slam with gibberish (and it doesn't exit) --
does anyone know how to set up a config to lock that to 127.0.0.1 and
::1?
$ netstat -lntp | grep mate-session
tcp 1 0 0.0.0.0:60715 0.0.0.0:*
LISTEN 24246/mate-session
tcp6 0 0 :::50621 :::*
LISTEN 24246/mate-session
$ telnet localhost 60715
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
HELP
asdas
asd
a
asd
a
^]
telnet> close
Connection closed.
I've had a perusal of the source[1] and see that it's some sort of
"xmp" thing, but I freely admit I don't do a lot of debugging in this
area of the X world (I'm a server guy). Any pointers what this is for
and how I can get it locked down? The gconf schema file doesn't have a
setting, perhaps it's configured somewhere else?
The Googletubes are failing me, or maybe I just don't understand what
I should be googling for to get the right hits...
thx!
-te
[1] https://github.com/mate-desktop/mate-session-manager/tree/1.8/mate-session
More information about the arch-general
mailing list