From owner-freebsd-ports Tue Sep 9 23:19:36 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id XAA09909 for ports-outgoing; Tue, 9 Sep 1997 23:19:36 -0700 (PDT)
Received: from news1.gtn.com (news1.gtn.com [192.109.159.3]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id XAA09889 for ; Tue, 9 Sep 1997 23:19:27 -0700 (PDT)
Received: (from uucp@localhost) by news1.gtn.com (8.8.6/8.8.6) with UUCP id IAA27317; Wed, 10 Sep 1997 08:15:21 +0200 (MET DST)
Received: (from andreas@localhost) by klemm.gtn.com (8.8.7/8.8.7) id HAA00637; Wed, 10 Sep 1997 07:50:18 +0200 (CEST)
Message-ID: <19970910075018.17557@klemm.gtn.com>
Date: Wed, 10 Sep 1997 07:50:18 +0200
From: Andreas Klemm
To: Mark Murray
Cc: ports@FreeBSD.ORG
Subject: Re: Major bogon in tcp_wrappers port.
References: <199708051816.UAA15581@greenpeace.grondar.za>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.79
In-Reply-To: <199708051816.UAA15581@greenpeace.grondar.za>; from Mark Murray on Tue, Aug 05, 1997 at 08:16:55PM +0200
X-Disclaimer: A free society is one where it is safe to be unpopular
X-Operating-System: FreeBSD 3.0-CURRENT SMP
Sender: owner-freebsd-ports@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Tue, Aug 05, 1997 at 08:16:55PM +0200, Mark Murray wrote:
>
> > _*PRETTY_PLEASE*_ can't we bring this into the "core" FreeBSD?
> > With all the squealing about security, IMHO it is silly not to.
>
> You're right, I'd vote for it as well.

On the other hand ... how much overhead does it bring? Every time an
inetd-related service is started, the (of course small) tcpd
program has to be executed. Does it have to read and interpret sample
/etc/hosts.allow and /etc/hosts.deny files that might/should/could be
created in /etc?

And ... which inetd-related server programs do we want to protect,
only some or all?

Andreas ///

--
Andreas Klemm | klemm.gtn.com - powered by Symmetric MultiProcessor FreeBSD
http://www.freebsd.org/~fsmp/SMP/SMP.html
http://www.freebsd.org/~fsmp/SMP/benches.html