Date: Tue, 31 Jul 2001 22:53:42 -0600 From: "Mike Porter" <mike.porter@xrxgsn.com> To: "Robert Watson" <rwatson@FreeBSD.ORG>, <arch@FreeBSD.ORG>, "Derek C." <coffee@blarg.net> Cc: <stable@FreeBSD.ORG> Subject: Re: Patch to modify default inetd.conf, have sysinstall prompt to edit , inetd.conf Message-ID: <00e501c11a45$f2165520$0300a8c0@laptop>
next in thread | raw e-mail | index | archive | help
Somehow I missed the original of this.... -----Original Message----- From: Derek C. <coffee@blarg.net> To: Robert Watson <rwatson@FreeBSD.ORG>; arch@FreeBSD.ORG <arch@FreeBSD.ORG> Cc: stable@FreeBSD.ORG <stable@FreeBSD.ORG> Date: Tuesday, July 31, 2001 9:56 PM Subject: Re: Patch to modify default inetd.conf, have sysinstall prompt to edit , inetd.conf >Well, I am a fairly typical uninformed/idiot user, who is getting better >every day, and I say the documentation is great, and the patch is a great idea. > >Derek > >At 08:48 PM 7/31/2001, Robert Watson wrote: > [snip the first introductory bits] > >>needs. In particular in light of the recent ftpd and telnetd security >>bugs, it seems like 4.4-RELEASE would be a good time to move to a more >>conservative default of having both of these services disabled in the base >>install, as both NetBSD and OpenBSD have moved to doing. >> Seems like a pretty good idea to me; although it seems to me that perhaps disabling SSH by default is overkill; certainly I think that it is a good idea to disable telnet by default...nearly eveyone who NEEDS it should be able to add it easily enough...however... [...] >>concerning enabling and disabling services. It also modifies sysinstall >>such that enabling inetd in the post-install configuration describes inetd >>more than previously, mentions the risks, and then also presents the >>opportunity to edit inetd.conf if inetd is enabled. Also, during the >>normal install, the user is automatically prompted to enable or disable >>inetd in much the same style as the NFS server. >> [snip the details] It also seems to me that a better solution than just editing inetd.conf (especially for novice users) would be a sub-menu, similar to the one used to enable inetd and NFS and the like, allowing a user to check which services are desired. Of course, I am not familiar with sysinstall internals, so I don't know how much work this really entails, its just an idea. mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00e501c11a45$f2165520$0300a8c0>