Date: Sun, 16 Aug 1998 18:37:04 +1000 (EST) From: Darren Reed <avalon@coombs.anu.edu.au> To: ncb05@uow.edu.au (Nicholas Charles Brawn) Cc: security@FreeBSD.ORG Subject: Re: inetd enhancements (fwd) Message-ID: <199808160838.BAA14520@hub.freebsd.org> In-Reply-To: <Pine.SOL.4.02A.9808161809120.13076-100000@banshee.cs.uow.edu.au> from "Nicholas Charles Brawn" at Aug 16, 98 06:22:57 pm
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Nicholas Charles Brawn, sie said: > > On Sun, 16 Aug 1998, Darren Reed wrote: > > > > > allowing different programs to bind to different IP addresses > > (on a multi-ip# box) is something inetd does not do and can't > > handle with packet filters and requires tcpd/fwtk type solution. > > > > however, I think that rather hacking that functionality into > > inetd, look at xinetd (which already has numerous additions) > > and leave inetd to be more standard... > > > > > > However, as others have pointed out before, there is a certain piece of > mind gained when dealing with nice, neat, smaller programs. There are > fewer places for things to go wrong: > root@devel:/tmp/xinetd-2.2.1/xinetd# wc -l *.c |grep total > 12104 total > root@devel:/tmp/xinetd-2.2.1/xinetd# cd /usr/src/usr.sbin/inetd/ > root@devel:/usr/src/usr.sbin/inetd# wc -l *.c |grep total > 1883 total > root@devel:/usr/src/usr.sbin/inetd# > > In this case, I believe a patch that augments inetd's functionality > should be incorporated, so long as it is audited first. :) You're missing the point I was making. xinetd is basically a collection of augmentations to inetd. I believe it is better that such development continue around it rather than pollute inetd. Otherwise, you'll just find yourself slowly making inetd grow to match what xinetd is. Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808160838.BAA14520>