Re: CDE Without ToolTalk?

From: Akop Pogosian (akopps@CSUA.Berkeley.EDU)
Date: 09/08/02 

Date: Sat, 7 Sep 2002 20:20:03 -0700
From: Akop Pogosian <akopps@CSUA.Berkeley.EDU>
To: focus-sun@securityfocus.com

On Thu, Sep 05, 2002 at 12:24:54PM -0700, Crist J. Clark wrote:
> Does anyone have a reference on how to lock down CDE? When asked to
> "harden" a Sun server, one of the first things to do is go through
> inetd.conf and take everything out but the basics, or even better, not
> run inetd at all.
>
> But the admins really don't like that since it breaks CDE. I don't
> like being stuck at the console prompt with one shell either. I
> wouldn't think it would be a lot to ask to just have a windowing
> environment so we can have multiple ttys going at once, but not have
> all of the extra network services like the dreaded ToolTalk server.
>
> Is there a way to get CDE going? It bails out for me once it finds it
> can't start up ToolTalk. Am I stuck going to a different windowing
> system (isn't Openwin depricated these days?)?
>
> (I think this has been covered before here, but SecurityFocus's search
> page keeps telling me the server is too busy, and I haven't had any
> luck Googling. Thanks.)

I was using a workstation for a while without Tooltalk enabled. I
didn't find any problems except that the worshop GUI doesn't start if
you run it from a remote workstation. If you need X11 GUI only for
system administration tasks while you're in machine room, why use CDE
at all? Disable all of CDE's network services and setuid root binaries
and configure a twm session and use that (or say, if you prefer a
fancy window manager compile fvwm2 or windowmaker).

I personally prefer to keep a monitor attached to at least one of the
secondary servers in the machine room. In cases when I need to spend
some time in a machine room, I'd rather use a real GUI and not a dumb
text terminal to browse sunsolve web site.

-akop

Relevant Pages

  • CDE Without ToolTalk?
    ... But the admins really don't like that since it breaks CDE. ... all of the extra network services like the dreaded ToolTalk server. ... Am I stuck going to a different windowing ...
    (Focus-SUN)
  • Re: docs.sun.com is useless!
    ... six documents for the new Sun Ray Server 4.0 on docs.sun.com. ... I can't comment so easily on CDE and dtlogin customization, ... CDE, dtlogin, Solaris 10 site:docs.sun.com ...
    (comp.unix.solaris)
  • Re: CDE Without ToolTalk?
    ... > Does anyone have a reference on how to lock down CDE? ... If you need multiple sessions there are a couple of ways ... > all of the extra network services like the dreaded ToolTalk server. ... about not being able to administer a server without a GUI. ...
    (Focus-SUN)
  • Re: CDE Command
    ... executable to start the X server) and then it runs mwm (the Motif Window ... The mwm cannot coexist with CDE so if you want to run CDE, ... as the command to start the X server. ... A shell script is the easiest way of running this. ...
    (comp.unix.aix)
  • Re: CDE Without ToolTalk?
    ... console server with network connectivity. ... > But the admins really don't like that since it breaks CDE. ... You can ssh into the server multiple ...
    (Focus-SUN)