Date: Sat, 7 Oct 2000 04:50:02 -0700 (PDT) From: Mike Meyer <mwm@mired.org> To: freebsd-ports@FreeBSD.org Subject: Re: ports/21814: Inetd's very existence is a security risk. Message-ID: <200010071150.EAA21816@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/21814; it has been noted by GNATS. From: Mike Meyer <mwm@mired.org> To: Kris Kennaway <kris@citusc.usc.edu> Cc: FreeBSD-gnats-submit@FreeBSD.ORG Subject: Re: ports/21814: Inetd's very existence is a security risk. Date: Sat, 7 Oct 2000 06:42:55 -0500 (CDT) Kris Kennaway writes: > On Sat, Oct 07, 2000 at 11:02:03AM -0000, mwm@mired.org wrote: > > > "make installworld" on your favorite box that doesn't run > > inetd, and notice that you get a brand, spanking new copy of > > inetd. > That's what this is for in /etc/rc.conf: > inetd_enable="NO" # Run the network daemon dispatcher (YES/NO). > It's only a security risk if you're running it. Didn't really read the PR carefully, did you? The relevant part is: I always (always, always, always) turn off inetd on any system that needs to be secured against exposure to the world. I'd really it rather not be on the system *at all*. In other words, I *know* how to turn, but I want it gone completely. The patch makes that much saner. If you don't like that behavior, don't add NO_INETD to /etc/make.conf. <mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200010071150.EAA21816>