Date: Wed, 10 Sep 1997 07:50:18 +0200 From: Andreas Klemm <andreas@klemm.gtn.com> To: Mark Murray <mark@grondar.za> Cc: ports@FreeBSD.ORG Subject: Re: Major bogon in tcp_wrappers port. Message-ID: <19970910075018.17557@klemm.gtn.com> In-Reply-To: <199708051816.UAA15581@greenpeace.grondar.za>; from Mark Murray on Tue, Aug 05, 1997 at 08:16:55PM %2B0200 References: <199708051816.UAA15581@greenpeace.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Aug 05, 1997 at 08:16:55PM +0200, Mark Murray wrote:
> <asbestos>
>
> _*PRETTY_PLEASE*_ cant we bring this into the "core" FreeBSD?
>
> With all the squeling about security, IMHO it is silly not to.
>
> </asbestos>
You're right, I'd vote for it as well.
On the other hand ... how much overhead does it bring ?
Every time when an inetd related service is being started,
the (of course small) tcpd program has to be executed.
Does it have to read and interpret sample /etc/hosts.allow
and /etc/hosts.deny files, that might/should/could be created
in /etc ?
And ... which inetd related server programs do we want to
protect, only some or all ?
Andreas ///
--
Andreas Klemm | klemm.gtn.com - powered by
Symmetric MultiProcessor FreeBSD
http://www.freebsd.org/~fsmp/SMP/SMP.html
http://www.freebsd.org/~fsmp/SMP/benches.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970910075018.17557>