3

I am using Xvfb to run an a wine background application that needs a valid display. It appears that it binds to *:x11. For security reasons I would like to avoid opening any unnecessary ports.

Is there any way force Xvfb to bind to localhost rather than *?

Zulan
  • 595
  • 1
  • 5
  • 8

1 Answers1

5

Actually, if I understand your need correctly you can just skip TCP altogether.

Xvfb :0 -nolisten tcp

Afterwards this works:

DISPLAY=:0
xterm

And you can check yourself with netstat -ntlp | grep Xvfb that Xvfb has no ports open.

Eduardo Ivanec
  • 14,531
  • 1
  • 35
  • 42
  • Thanks, yes this seems to work fine. For some reason I thought it uses localhost by default, but now I assume it uses unix sockets - which makes perfect sense. – Zulan May 03 '11 at 17:20