Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 12 Oct 2000 00:35:52 +0200
From:      Neil Blakey-Milner <nbm@mithrandr.moria.org>
To:        Matt Dillon <dillon@earth.backplane.com>
Cc:        Marius Bendiksen <mbendiks@eunet.no>, arch@FreeBSD.ORG
Subject:   Re: cvs commit: src/etc inetd.conf
Message-ID:  <20001012003552.A49482@mithrandr.moria.org>
In-Reply-To: <200010111905.e9BJ59X21786@earth.backplane.com>; from dillon@earth.backplane.com on Wed, Oct 11, 2000 at 12:05:09PM -0700
References:  <Pine.BSF.4.05.10010110202310.51005-100000@login-1.eunet.no> <200010111905.e9BJ59X21786@earth.backplane.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed 2000-10-11 (12:05), Matt Dillon wrote:
> 
> :
> :>     Nobody is saying we should remove these programs, only that they
> :>     should not be turned on by default.  They should be commented out
> :>     in inetd.conf (like everything else in inetd.conf) so the machine
> :
> :Why not make them turned on by default, and make a package which makes
> :your system secureish? Such a package can be installed from the usual
> :sysinstall procedure.
> :
> :>     isn't poked full of holes when someone turns inetd on without looking 
> :>     at inetd.conf.  I can't imagine why anyone would do that, I guess
> :
> :"If someone points a gun at their foot, and pull the trigger, it is Unix'
> :task to reliably deliver the bullet to it's intended target." - phk, iirc.
> :
> :It should not be our task to cover for people in such a fashion. If they
> :are unable to secure the system by themselves, they can install such a
> :security port. If they fail to do even that, then they can use Windows
> :2000, which by most accounts is getting close to stableish.
> :
> :Marius
> 
>     There's being 'reasonable' and there's being 'unreasonable'.  This 
>     type of argument doesn't wash when the reasonable thing to do, with
>     the availability of ssh, is to make things 'reasonably secure' by
>     default.  You can't ask for more, but neither should you require
>     less.  The lowest common denominator is not telnet or ftp any more.

Enough arguing.

You can turn inetd off if you like.  You can choose "High Security".
Noone's suggesting changes to the system such that it will boot up with
telnetd no matter what you choices you make in the system install
(although I think we should remove that securelevel from "high
security").

You have to choose a security setting anyway, so it's no extra work.
You have to change permissions, build complex chroot or jail
environments, and a whole bunch of other things before considering
yourself highly secure, so changing one tickbox isn't going to kill you.

Finding out that the "normal security" default comes without ftp and
telnet will mean extra work for lots of people, though.  It's reasonable
to expect telnet is available if you choose "normal security", and ftp
is probably also a reasonable assumption, I imagine.  Beyond those, I
don't think inetd requires to run anything by default, but I'm open to
suggestions.

The balance between security and user-friendliness is hard to keep, and
whatever anyone might claim, we do need to cater at least a little bit
for new users by default.  This means not forcing them to choose "low
security" and make their machine a sitting target just to make it easy
for them to enable ftp and telnet.

With regards rsh - it's use is most likely restricted to cases where
people know they need it, and know they need to enable it in inetd.  I
doubt they'd particularly care if they had to remove a comment off it.
Most new environments will probably use ssh, or rsh with extra Kerberos
stuff which implies some knowledge and skill again, and having to set up
Kerberos on the machine anyway (I don't think we have a way to customize
that from sysinstall, do we?)

Neil
-- 
Neil Blakey-Milner
nbm@mithrandr.moria.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001012003552.A49482>