Date: Sat, 7 Oct 2000 04:50:02 -0700 (PDT) From: Mike Meyer <mwm@mired.org> To: freebsd-ports@FreeBSD.org Subject: Re: ports/21814: Inetd's very existence is a security risk. Message-ID: <200010071150.EAA21816@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/21814; it has been noted by GNATS.
From: Mike Meyer <mwm@mired.org>
To: Kris Kennaway <kris@citusc.usc.edu>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: ports/21814: Inetd's very existence is a security risk.
Date: Sat, 7 Oct 2000 06:42:55 -0500 (CDT)
Kris Kennaway writes:
> On Sat, Oct 07, 2000 at 11:02:03AM -0000, mwm@mired.org wrote:
>
> > "make installworld" on your favorite box that doesn't run
> > inetd, and notice that you get a brand, spanking new copy of
> > inetd.
> That's what this is for in /etc/rc.conf:
> inetd_enable="NO" # Run the network daemon dispatcher (YES/NO).
> It's only a security risk if you're running it.
Didn't really read the PR carefully, did you? The relevant part is:
I always (always, always, always) turn off inetd on any system
that needs to be secured against exposure to the world. I'd
really it rather not be on the system *at all*.
In other words, I *know* how to turn, but I want it gone
completely. The patch makes that much saner. If you don't like that
behavior, don't add NO_INETD to /etc/make.conf.
<mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200010071150.EAA21816>