Date: Mon, 22 Apr 2002 17:18:07 -0400 From: "Moti Levy" <moti@flncs.com> To: "Rafter Man" <rafter@linuxmail.org>, <freebsd-questions@freebsd.org> Subject: Re: [security] Re: Mysterious sshd "starting itself" at bootup Message-ID: <000f01c1ea43$32da4bc0$6400a8c0@yafa> References: <20020422094515.7442.qmail@linuxmail.org>
next in thread | previous in thread | raw e-mail | index | archive | help
just change the local_startup="/usr/local/etc/rc.d /usr/X11R6/etc/rc.d" to
what ever you like ....
----- Original Message -----
From: "Rafter Man" <rafter@linuxmail.org>
To: <freebsd-questions@freebsd.org>
Sent: Monday, April 22, 2002 5:45 AM
Subject: [security] Re: Mysterious sshd "starting itself" at bootup
> ----- Original Message -----
> From: "Peter Leftwich" <Hostmaster@Video2Video.Com>
> > It was my understanding that the stuff in /etc/rc.network have some
> > dependencies on what the sysadmin has configured IN /etc/rc.conf as
there
> > are some lines in my /etc/rc.network that say:
> >
> > case ${sshd_enable} in
> > [Yy][Ee][Ss])
> >
> > And some lines in my /etc/rc.conf that say:
> >
> > sshd_enable="NO" # Enable sshd
> >
> > ...which in other words would match the /etc/rc.network stuff above were
it:
> >
> > case ${sshd_enable} in
> > [Nn][Oo])
>
> Maybe it is just me, but for security reasons I think that it should only
be possible to start services
> from 1 file/place at bootup. So that you in /boot have a directory for the
system bootup files (all for them)
> and one for user and other (programs and services) bootup files.
> This way ALL the boot files and in /boot and services like FTP, SMTP, SSH,
HTTP can not be started
> by system files, but only by user/other files.
>
> Likewise I think that there should be a /etc/services directory with
underdirectories like:
> /etc/services/ftp and ALL the configuration files for ftp should be there,
but maybe I am
> the only one who likes it when things are sooooo simple.
>
> I am VERY pleased to see that FreeBSD 5.0 have put some order in the
FreeBSD filesystem, but
> I still think there are to many exampels for configuration files not "in
place". Meaning
> that in order to setup (fx) sendmail, you have to studie which bootfiles
it writes to and
> where it put all it's own configuration files, things could be a lot
easier if all were in
> "the right place".
> So when you install a service, fx sendmail files go here:
> /boot/services/sendmail.sh (if the files is a script then run it)
> /etc/service/sendmail/ all sendmails configuration files
> /usr/services/sendmail/ all sendmails other files.
>
> Or is this just plain dumb?
>
> /rafter
> --
>
> Get your free email from www.linuxmail.org
>
>
> Powered by Outblaze
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000f01c1ea43$32da4bc0$6400a8c0>