Hi, I am trying to deny access to xrandr to remote users. I have ran the following command to deny access to remote users in the terminal:
xhost -local:
This command restricts access to the local machine only…but this will not persist beyond the current boot. My question to you is, Is it safe to make this persistent across boots, by adding to ~/.bashrc. I’m new to Linux, so I don’t want to get into a situation where I cannot see my own screen or anything like that. I am only accessing my machine physically, and not remotely.
I do not know. If you want to experiment and find out for yourself, backup your important files and have a PureOS image on a USB drive prepared beforehand for troubleshooting purposes.
I find myself confused about what you are asking. Maybe I am just ignorant.
What is your use case? You want to prevent remote users from taking a certain action, but you use the machine only as a physical local machine login and there are no remote users?
Maybe if other people get it, and I don’t, and then they give you much better and more accurate help than I ever could, then just ignore me on this topic.
Perhaps not. You may end up with an insecure result and/or a timing window because .bashrc only runs when it runs - which may be long after someone could remotely access your computer.
For example, what happens if you boot up your computer and then don’t log in? (for whatever reason)
As @FranklyFlawless suggests, one approach is to use a firewall.
Otherwise it is essential that the windowing system starts in the right state - so as to avoid a timing window (but that would require more knowledge than I have in order to find the right file to edit).
But, like @Dlonk, maybe I have not correctly grasped what your actual scenario is.