From owner-freebsd-security Sun Aug 16 01:38:28 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA14527 for freebsd-security-outgoing; Sun, 16 Aug 1998 01:38:28 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.224.24]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA14520 for ; Sun, 16 Aug 1998 01:38:24 -0700 (PDT) (envelope-from avalon@coombs.anu.edu.au) Message-Id: <199808160838.BAA14520@hub.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA203236624; Sun, 16 Aug 1998 18:37:04 +1000 From: Darren Reed Subject: Re: inetd enhancements (fwd) To: ncb05@uow.edu.au (Nicholas Charles Brawn) Date: Sun, 16 Aug 1998 18:37:04 +1000 (EST) Cc: security@FreeBSD.ORG In-Reply-To: from "Nicholas Charles Brawn" at Aug 16, 98 06:22:57 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In some mail from Nicholas Charles Brawn, sie said: > > On Sun, 16 Aug 1998, Darren Reed wrote: > > > > > allowing different programs to bind to different IP addresses > > (on a multi-ip# box) is something inetd does not do and can't > > handle with packet filters and requires tcpd/fwtk type solution. > > > > however, I think that rather hacking that functionality into > > inetd, look at xinetd (which already has numerous additions) > > and leave inetd to be more standard... > > > > > > However, as others have pointed out before, there is a certain piece of > mind gained when dealing with nice, neat, smaller programs. There are > fewer places for things to go wrong: > root@devel:/tmp/xinetd-2.2.1/xinetd# wc -l *.c |grep total > 12104 total > root@devel:/tmp/xinetd-2.2.1/xinetd# cd /usr/src/usr.sbin/inetd/ > root@devel:/usr/src/usr.sbin/inetd# wc -l *.c |grep total > 1883 total > root@devel:/usr/src/usr.sbin/inetd# > > In this case, I believe a patch that augments inetd's functionality > should be incorporated, so long as it is audited first. :) You're missing the point I was making. xinetd is basically a collection of augmentations to inetd. I believe it is better that such development continue around it rather than pollute inetd. Otherwise, you'll just find yourself slowly making inetd grow to match what xinetd is. Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message