Hello,

Though I don't want X installed on the machine that hosts my webpages, has there been any thought about allowing X to be remote accessed on any of your machines? Sometimes I want to do something on my account that an x program would make so much easier, but I'm not able. So what do you think, too much potential for abuse or what?

Brad

Unfortunately this is not something FutureQuest would permit due to security concerns.

-Brian

Obviously, saying no is within your rights, but I don't think having a machine with X installed opens you to any security risks that you do not already have.

What is 'X'? Do you mean Xwindows? or what?

--just curious, and not ashamed to show it. :P

<added later>
Nebermind. I think I found what you're asking about:
http://www.x.org/about_x.htm

</added later>

Yes and no :).

Xwindows is a service that is often used on X, and sometimes the term is used interchangeably with the term X. But what I'm actually talking about is X the network protocol. I'm simply asking futurequest to run X (on linux the only free implementation is XFree86, but there are other implementations I think). One of the most popular uses of X is to implement GUI applications, but X actually has alot of other services that it provides (I really only care about the gui stuff in this case tho).

To quickly sum up the problems with X, it is notoriously unstable (sometimes unfairly so), because it is often implemented using the most low level of code, thus problems cause your hardware to complain, and freezing up terminals and other extremely annoying behaviours. In terms of security, it is somewhat exploitable, tho there is little risk of it giving up root, more likely it will hog resources. However, I assume futurequest is well firewalled, so I don't think this is a legitimate concern.

Of course, I am not an administrator, so I don't really keep up to date with the available exploits, Brian may know of some security problems that I don't, I'd be interested to hear about them -- tho not in too much detail please. :)

One of the inherit issues with X-Windows is in it's complexity... Someone determined enough can spy on other sessions, snarf keystrokes, or read mouse events... With even more intent, they may be able to inject events into the processing system to make it appear it came from you... The latest XFree3.2 and 4.0 is not as susceptible as the older versions of X-Windows, however a lot of legacy complexity still remains...

On the flipside, it is a matter of resources... Why would I want to setup a special X-Windows client and have it carry the weight of your processing tasks... Your local X-Windows server is merely a looking glass to our server... Not to mention the headaches of administration or having to support that engine...

If you must have an X-Windows system, then you will need to run it locally on your system and use standard network protocols to communicate to our servers... X-Windows is just not a feasible offering and highly doubt it will ever be in our product mix...

In retrospect, if you must have an X-Windows system, then contact us privately at Service @ FutureQuest.net for potential collocation opportunity within our facility...

--
Terra
--You ship it, we rack it--
FutureQuest

Actually, I was being stupid (and this makes twice since I've been a member, not a good record for such a short tenure), really all I need is a better tool that supports sftp (or scp). I don't know why I got to thinking X was the solution to my problems, it really is a **** headache in many ways, and I don't blame you for not wanting to deal with it (in fact I just realized I have to upgrade my version of X, and I'm dreading it).

I'm merely going thru some struggles with how to manage content on my server, and whether to mirror it on my local machine. The real answer is to mirror it and then publish it up to your servers I suppose.

<edit>
In the future when I write something flaky, asking specific questions about offerings, maybe you should ask me what my problem is so that I don't waste too much of your time before I pour another glass of water and have a chance to think about what is really the matter. Ideally, I would perform the error check on my side, but as we've seen, I don't appear to be getting the job done :(
</edit>

In the future when I write something flaky, asking specific questions about offerings, maybe you should ask me what my problem is
Ha, not a chance... :P

The additional color is almost a creamy rainbow pastel in effect... :bounce:

I would recommend that you maintain your primary content on your local system, and push any changes to our server...

The 'right' tool for this job is none other than:
$rsync -essh -avzp --progress --delete /my/local/xdom/www server:/big/dom/xexample/www
(make sure to --exclude the 'stats' directory)

You'll notice that it uses SSH as a conduit for it's activity satisfying your security concern...

In short, master the usage of 'rsync' and the syncronicity within your life will reach a Zen like state... 8}

--
Terra
--rsync is high on my short list of all time favorite utilities for excellence in design and execution--
FutureQuest

Originally posted by brsett:
all I need is a better tool that supports sftp (or scp). If you'd like a GUI tool that does secure ftp, look at SecureFX (http://www.vandyke.com/products/securefx/index.html). BTW, normal ftp over SSH encrypts just the control channel, not the data channel. SecureFX encrypts both the control channel and the data channel.