From owner-cvs-all  Sun Oct  8 13:12:20 2000
Delivered-To: cvs-all@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP
	id EBA9A37B503; Sun,  8 Oct 2000 13:12:14 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.11.0/8.11.0) with ESMTP id e98KCBY04417;
	Sun, 8 Oct 2000 14:12:12 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id OAA04322; Sun, 8 Oct 2000 14:12:11 -0600 (MDT)
Message-Id: <200010082012.OAA04322@harmony.village.org>
To: Matt Dillon <dillon@earth.backplane.com>
Subject: Re: cvs commit: src/etc inetd.conf 
Cc: Jeroen Ruigrok van der Werven <jruigrok@via-net-works.nl>,
	cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
In-reply-to: Your message of "Sun, 08 Oct 2000 12:56:19 PDT."
		<200010081956.e98JuJB00920@earth.backplane.com> 
References: <200010081956.e98JuJB00920@earth.backplane.com>  <200010081931.e98JVFV00782@earth.backplane.com> <20001008200835.C73177@lucifer.bart.nl> <20001008192311.B73177@lucifer.bart.nl> <200010081245.FAA23881@freefall.freebsd.org> <200010081713.LAA02405@harmony.village.org> <20001008192311.B73177@lucifer.bart.nl> <200010081747.LAA02635@harmony.village.org> <200010081836.MAA03208@harmony.village.org> <200010081942.NAA03812@harmony.village.org> 
Date: Sun, 08 Oct 2000 14:12:11 -0600
From: Warner Losh <imp@village.org>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <200010081956.e98JuJB00920@earth.backplane.com> Matt Dillon writes:
:     We're kinda in a 'changing of the guard' situation in regards to 
:     telnet, rsh, rcp, rlogin, verses ssh.   And we have been for about a
:     year.  The only thing holding the process up has been the patent issue
:     and that is now gone.

Right.

:     Even if we don't disable these old services by default in 4.x, I think
:     we should absolutely disable them when the 5.0 release comes around.  ssh
:     is the only acceptable solution for a UNIX sysadmin in today's world.

I agree.  To be clear, I do not advocate removing the binaries.

:     Do any committers have any objections to me disabling ntalk, finger,
:     telnet, rsh, and ftp by default in -current?  And sandboxing 'named' by
:     default in -current?

I'd like to review any changes in this area.  Maybe we should move
this to arch@ and talk about it there.

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message