Date: Tue, 26 Jan 1999 11:43:35 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: Mark Murray <mark@grondar.za> Cc: Poul-Henning Kamp <phk@critter.freebsd.dk>, Andreas Klemm <andreas@klemm.gtn.com>, Nate Williams <nate@mt.sri.com>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: Small, useful tools (Was: Re: 'cpdup' program, and question) Message-ID: <199901261943.LAA20994@apollo.backplane.com> References: <27224.917376396@critter.freebsd.dk> <199901261912.VAA50572@greenpeace.grondar.za> <199901261922.LAA20798@apollo.backplane.com> <199901261933.VAA50713@greenpeace.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
:What do you mean by that? If the OOB sendmail is linked against libwrap
:but the default config files cause sendmail to behave exactly as it
:does without wrappers, is that OK? Or do you object to it being linked
:against libwrap in the first place?
libwrap is ok, at least to a point.
I've seen people throw in the kitchen sink using tcp wrappers and
create more problems for their systems then they've solved. It is
fairly easy, for example, to attack a system running tcp wrappers
which does reverse-ident authentication. I don't mind something like
sendmail doing it - I think that's a good feature, but some people
just go completely bonkers with tcp wrappers.
-Matt
Matthew Dillon
<dillon@backplane.com>
:As far as inetd is concerned (with the current inetd/tcpd model)
:that folks will wish to choose, and so propose that the default
:inetd.conf has entries for wrapped daemons in addition to unwrapped
:(commented out, of course) for reference.
:
:OOB config file should have a <expletive>-load of examples with
:POLA-type defaults.
:
:M
:--
:Mark Murray
:Join the anti-SPAM movement: http://www.cauce.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199901261943.LAA20994>