Find the answer to your Linux question:
Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Mar 2005

    Is Xserver bring security problem to Linux server

    I am an Oracle DBA. I have had an argument with our Linux system admin. I want him to turn on Xserver on Linux server so that I can use Xwindowns to display Oracle DBCA on my desktop to create a new oracle database. However, he told me that turning Xserver on will cause security vulnerability to the Linux server. I don't understand how could this happen? Xserver is a component of Linux system. if it could cause these problem, why does Linux integrate this program into its system. I don't think this is correct description. Can you, experts or guru, put your comments here to let me learn from you? Thanks.

  2. #2
    The thing is that installing the X window system means installing a hell of a lot of extra code. All that extra code means a lot of extra possible vulnerabilities. The connection between your desktop and the server also needs to be secured (read: encrypted), otherwise anybody on your network can see whatever you're doing on the server and could even take over your session without you knowing it. Anything running in X is also a lot harder to secure and isloate from the rest of the system. This means your desktop needs to be absolutely secure. Should a hacker take control of your desktop, it would become relatively easy for him to compromise the server, unless the server is properly hardened with SELinux etc. - requiring a lot of extra time of the server administrator.

    I'm not gonna go into any more technicalities here, but it is considered a bad practice to install X on a server when it can deliver its services without X.

    I don't know anything about databases, but I'm inclined to agree with your sysadmin. If there is a way for you to do what you want to do without requiring the X window system to be running on the server, you should do that.
    Would it be possible to securely mount a network drive to your desktop and use the DBCA client on your desktop to create and manage databases on the server's disk?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts