From owner-freebsd-security  Tue Nov 23 13:28:12 1999
Delivered-To: freebsd-security@freebsd.org
Received: from alcanet.com.au (border.alcanet.com.au [203.62.196.10])
	by hub.freebsd.org (Postfix) with ESMTP id 0A80B15415
	for <security@FreeBSD.ORG>; Tue, 23 Nov 1999 13:28:02 -0800 (PST)
	(envelope-from jeremyp@gsmx07.alcatel.com.au)
Received: by border.alcanet.com.au id <40336>; Wed, 24 Nov 1999 08:19:35 +1100
Content-return: prohibited
Date: Wed, 24 Nov 1999 08:26:25 +1100
From: Peter Jeremy <jeremyp@gsmx07.alcatel.com.au>
Subject: Re: Disabling FTP (was Re: Why not sandbox BIND?)
In-reply-to: <Pine.BSF.3.96.991122101552.17064C-100000@inbox.org>
To: "Mr. K." <bsd@a.servers.aozilla.com>
Cc: security@FreeBSD.ORG
Reply-To: peter.jeremy@alcatel.com.au
Message-Id: <99Nov24.081935est.40336@border.alcanet.com.au>
MIME-version: 1.0
X-Mailer: Mutt 1.0pre3i
Content-type: text/plain; charset=us-ascii
References: <38392E75.860D36D@vangelderen.org>
 <Pine.BSF.3.96.991122101552.17064C-100000@inbox.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On 1999-Nov-23 02:19:51 +1100, Mr. K. wrote:
>> > I think it seems clear by now that people on both sides of the trenches of
>> > this debate have hunkered in, and won't budge.  Linux distributors Red Hat
>> > and Mandrake solved the issue by presenting the user an option at install
>> > time similar to "do you want server/workstation/custom machine". I vote
>> > that we do something similar; just present the user an option at install
>> > time.  I don't think anyone has objections to this solution.
>> 
>> Sounds fine:
>>   [x] newbie mode
>> ;-)
>> 
>
>Would this be hard to do?

Not particularly hard.

>  Could someone give me a pointer of where I
>could look to find out how to change the install procedure?

/usr/src/release/sysinstall/install.c currently prompts "Do you want
to allow anonymous FTP connections to this machine?"  It would be
fairly simple to add a couple of additional questions before this point
"Do you want to allow {FTP,TELNET,...} connections to this machine?",
and edit inetd.conf appropriately.  You should also make relevant
changes to the help files.

Peter


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message