Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 7 Oct 2000 13:04:48 -0400
From:      Bill Fumerola <billf@chimesnet.com>
To:        Mike Meyer <mwm@mired.org>
Cc:        freebsd-ports@FreeBSD.org
Subject:   Re: ports/21814: Inetd's very existence is a security risk.
Message-ID:  <20001007130448.M38472@jade.chc-chimes.com>
In-Reply-To: <14815.21228.196822.666136@guru.mired.org>; from mwm@mired.org on Sat, Oct 07, 2000 at 11:44:28AM -0500
References:  <200010071150.EAA21816@freefall.freebsd.org> <20001007123306.L38472@jade.chc-chimes.com> <14815.21228.196822.666136@guru.mired.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sat, Oct 07, 2000 at 11:44:28AM -0500, Mike Meyer wrote:

> > This is getting borderline absurd. If you don't like it don't run it.
> 
> That may well be the case. Then again - is anything to far for
> security? Having it not be there means it doesn't get run, ever.

                             vvvvvvvvv
> > All the other NO_*'s are typically because the program is one that takes
> > a long time to build(usually with no benefit, see ObjC..), conflicts with other
> > programs that do the same thing (sendmail, lpr), or are illegal for some of
> > us to use.
> 
> So for whom is it illegal to use the suid perl binary?

% Typical \Typ"ic*al\, a. [L. typicus, Gr. ?, from ? type: cf. F.
%    typique. See {Type}.]
%    1. Of the nature of a type; representing something by a form,
%       model, or resemblance; emblematic; prefigurative.
%             The Levitical priesthood was only typical of the
%             Christian.                            --Atterbury.
%    2. (Nat. Hist.) Combining or exhibiting the essential
%       characteristics of a group; as, a typical genus. --
%       {Typ"ic*al*ly}, adv. -- {Typ"ic*al*ness}, n.
% .
% typically
%      adv : in a typical manner; "Tom was typically hostile" [ant: {atypically}]

> > We don't just make them because we hate the very existance of a program[1].
> 
> It's not the existence I hate; it's having it running on machines that
> it shouldn't be running on that bothers me. I'm tired of removing it
> by hand.

changing "#NO_INETD=true" to "NO_INETD=true" is equally as easy as
echo inetd_enable="NO" >> /etc/rc.conf

-- 
Bill Fumerola - Network Architect, BOFH / Chimes, Inc.
                billf@chimesnet.com / billf@FreeBSD.org





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001007130448.M38472>