Closed Bug 107444 Opened 24 years ago Closed 24 years ago

"security" bug on port 6000

Categories

(Core :: Security: CAPS, defect)

Product:
Core
Component:
Security: CAPS
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
VERIFIED INVALID

People

(Reporter: staylor, Assigned: asa)

References

(
URL
)

Details

When attempting to connect to a http server running on port 6000, I get the error "Access to the port number given disabled for security reasons". This means I cannot connect to the http server. What possibly security problems could arise from connecting to a http server on port 6000? Could this please be fixed, or at least have a message with atleast a little bit of meaning, like why this port should be disabled. And also offer the option of disabling this ridiculus "feature".
port 6000 is, according to the comments in nsIOService.cpp, used for X11 traffic. As a result, we disable it by default in order to prevent malicious web pages from triggering requests to that port. You can override this by adding the following to your prefs.js or user.js in your profile directory: user_pref("network.security.ports.banned.override", "6000"); (the second parameter is a comma-separated list of banned ports to be allowed.) For a full list of banned ports, see http://lxr.mozilla.org/seamonkey/source/netwerk/base/src/nsIOService.cpp#77 This bug is invalid.
Status: UNCONFIRMED → RESOLVED
Closed: 24 years ago
Component: Browser-General → Networking
Resolution: --- → INVALID
vrfy invalid
Status: RESOLVED → VERIFIED
Component: Networking → Security: CAPS
QA Contact: doronr → mstoltz
*** Bug 255776 has been marked as a duplicate of this bug. ***
*** Bug 285425 has been marked as a duplicate of this bug. ***
*** Bug 307200 has been marked as a duplicate of this bug. ***
I thought, that for blocking request to some port people use firewals, but not mozilla...
You need to log in before you can comment on or make changes to this bug.