The medium security level in lokkit blocks the X11 ports on 6000:6009, but
it doesn't block VNC ports on 5800:5809 and 5900:5909. I'd hope it would,
since a.) VNC is essentially a cleartext protocol, and b.) one can do more
damage via VNC than via an unprotected X port.
We (Red Hat) should really try to fix this before next release.
Created attachment 92658 [details]
Patch 1 to ipchains writer
Created attachment 92659 [details]
Patch 2 to spec file to apply patch 1
Fixed differently in redhat-config-securitylevel-1.2.0-1.