Bug 23253 - KDE has started listening on a TCP port
KDE has started listening on a TCP port
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: kdebase (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bernhard Rosenkraenzer
Aaron Brown
Florence Beta-3
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-01-03 17:21 EST by Chris Evans
Modified: 2007-04-18 12:30 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-02-28 14:46:34 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Chris Evans 2001-01-03 17:21:58 EST
This is a full RH7.1beta1 install. No tweaks.

I fired up the KDE2 desktop. Unfortunately, using "netstat -ao", this
exposed a KDE2 listening socket in the default config!!

The guilty process was "kdeinit".

If possible this listening socket should be slayed mercilessly. We've
only just managed to get GNOME tcp-socket free by default, it would
be nice to keep KDE in this state too.

Note that this is a regression from RH7.0, which used KDE1.1, which
did not have this problem.
Comment 1 Bernhard Rosenkraenzer 2001-01-04 06:33:21 EST
Where exactly are you seeing this? I can see kdeinit listening on a unix socket
only (in the current version, meaning 2.0.20010102).
Comment 2 Gerald Teschl 2001-01-04 06:49:47 EST
Can't see it here as well (palin beta1 install).
Comment 3 Bernhard Rosenkraenzer 2001-01-04 06:54:07 EST
Assuming it's misread netstat output, closing
Comment 4 Chris Evans 2001-01-05 17:33:44 EST
No its definitely there for me
Full install of everything, BETA1
Logged in via gdm, selecting "KDE" session
"netstat -ao" shows tcp port 1025 listening (1024 taken by rpc.statd)
lsof -i tcp:1025 shows the guilty party as
"kdeinit: kxmlrpcd"
If you still don't see it, perhaps we can leave the bug open and I'll
check beta2 when it arrives soon.
Comment 5 Bernhard Rosenkraenzer 2001-01-06 10:47:06 EST
Definitely not happening here; can't telnet to port 1025 either (just in case my
netstat is buggy ;) ).
Comment 6 Bernhard Rosenkraenzer 2001-01-11 14:51:14 EST
kxmlrpcd listens on a tcp socket and is intended to do so.
It's most definitely not started by default though, both by checking and
proofreading the code.
Comment 7 Chris Evans 2001-01-16 18:33:37 EST
Thanks for info - will check with BETA2 or BETA3.
Any idea what I may have done to get "xmlrpcd" to launch when I log in? Does
running up a
certain application activate "xmlrpcd"?
Comment 8 Chris Evans 2001-02-11 19:12:25 EST
Re-opening after playing with BETA-3.
My desktop is in a state where kxmlrpcd starts by default.
I run up konqueror, did some web browsing, and looked at
my home dir too. I also had some KDE terminals running.

Now the desktop starts xmlrpcd by default and listens on
a TCP socket. This is dangerous because
- The medium security firewall won't block it, since it's a
high port. A _lot_ of desktop users will only have the
medium firewall due to IRC, ICQ, etc.
Comment 9 Bernhard Rosenkraenzer 2001-02-28 15:22:45 EST
[2.1-5] Ok, I've made kxmlrpcd listen on a UNIX socket instead. This totally 
breaks its functionality though, but there's nothing that can be done about 
it. You can't do remote scripting without listening on a tcp socket...

To re-enable the functionality, add
[KDE]
RemoteScripting=true

to kdeglobals.


Note You need to log in before you can comment on or make changes to this bug.