From owner-freebsd-arch Tue Oct 10 17: 6:22 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id 8C39737B66C for ; Tue, 10 Oct 2000 17:06:19 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id CAA67283; Wed, 11 Oct 2000 02:06:17 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id CAA51074; Wed, 11 Oct 2000 02:06:17 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Wed, 11 Oct 2000 02:06:17 +0200 (CEST) From: Marius Bendiksen To: Matt Dillon Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <200010101620.e9AGKoo13270@earth.backplane.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Nobody is saying we should remove these programs, only that they > should not be turned on by default. They should be commented out > in inetd.conf (like everything else in inetd.conf) so the machine Why not make them turned on by default, and make a package which makes your system secureish? Such a package can be installed from the usual sysinstall procedure. > isn't poked full of holes when someone turns inetd on without looking > at inetd.conf. I can't imagine why anyone would do that, I guess "If someone points a gun at their foot, and pull the trigger, it is Unix' task to reliably deliver the bullet to it's intended target." - phk, iirc. It should not be our task to cover for people in such a fashion. If they are unable to secure the system by themselves, they can install such a security port. If they fail to do even that, then they can use Windows 2000, which by most accounts is getting close to stableish. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message