Closed Bug 149047 Opened 24 years ago Closed 24 years ago

port 6000 blocked security reasons

Categories

(Core :: Networking: HTTP, defect)

Product:
Core
Component:
Networking: HTTP
Platform:
x86
Windows NT
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED WONTFIX

People

(Reporter: daniel.armbrust.list, Assigned: darin.moz)

References

(
URL
)

Details

From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.0rc3) Gecko/20020523 BuildID: 2002052306 I cannont connect to a service on port 6000 (some other ports too.. don't know which ones) - it just gives an error message of "access has been denied for security reasons" Reproducible: Always Steps to Reproduce: 1.Try to hit a site at port 6000. 2.http://foo.com:6000 3. Actual Results: Error message. Expected Results: Gone to the site. This seems like a silly thing to block. What is being protected by not connecting on port 6000? IE will connect to 6000. I noticed old netscape programs cannont. Why are we keeping this silly "feature" from netscrape? Its almost like a Microsoft style security fix... (What, you mean if you connect to our web server on port 6000, it will crash? Well, lets make IE not connect on port 6000....)
port 6000 is used by X11 (the X-windows protocol). in order to prevent "malicious attacks from bad servers exploiting some X server behind your firewall via the web browser on your desk," we simply prevent the browser from accessing port 6000. marking WONTFIX
Status: UNCONFIRMED → RESOLVED
Closed: 24 years ago
Resolution: --- → WONTFIX
[mid-air collision, adding my comments in addition] > This seems like a silly thing to block. What is being protected by not > connecting on port 6000? To paraphrase comments in the near-identical bug 107444 , and elsewhere: this is to prevent you being used, by a malicious web page, as an unwilling accomplice in a distributed-denial-of-service or similar attack on the server. ---------------- start extract from the release notes: To override this on a per-port basis, add a comma separated list of ports to defaults/all.js (in your Mozilla installation directory). Note that this pref only works in the all.js file in the Mozilla installation directory and it affects all users of the installation. It does not work if you add it to the prefs.js file in your personal profile directory. For example, to unblock ports 1, 3, and 7, use the following line: pref("network.security.ports.banned.override", "1,3,7"); ---------------- end extract from the release notes.
Thanks for the great reply guys. Its interesting... I did a search from this page http://bugzilla.mozilla.org/ for "port 6000" and I only found one bug... which did not apply. Thats my defense for posting the dupe bug report, anyway. I don't know much (anything) about bugzilla, but it seems that if I search for 2 key words that both exist in the summary on another bug, I would find it. Maybe the search engine is not working properly? It definately doesn't work well at all for keeping novices from filing duplicate bug reports when it fails at a simple search like that. Just some thoughts.
The default search does not search resolved bugs.... :(
Verified wontfix.
Status: RESOLVED → VERIFIED
QA Contact: tever → junruh
This blocking is ABSOLUTELY UNACCEPTABLE. These are totalitarian Nazi methods! YOU DO NOT GET TO DECIDE OVER MY HEAD WHAT’S ALLOWED AND WHAT NOT! I demand this to be removed IMMEDIATELY! And how retarded do you think your users are? (Apart from you deliberately forcing them into stupidity by dumbing everything down like that.)
You need to log in before you can comment on or make changes to this bug.