From owner-freebsd-security  Sun Aug 16 01:38:28 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id BAA14527
          for freebsd-security-outgoing; Sun, 16 Aug 1998 01:38:28 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.224.24])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA14520
          for <security@FreeBSD.ORG>; Sun, 16 Aug 1998 01:38:24 -0700 (PDT)
          (envelope-from avalon@coombs.anu.edu.au)
Message-Id: <199808160838.BAA14520@hub.freebsd.org>
Received: by cheops.anu.edu.au
	(1.37.109.16/16.2) id AA203236624; Sun, 16 Aug 1998 18:37:04 +1000
From: Darren Reed <avalon@coombs.anu.edu.au>
Subject: Re: inetd enhancements (fwd)
To: ncb05@uow.edu.au (Nicholas Charles Brawn)
Date: Sun, 16 Aug 1998 18:37:04 +1000 (EST)
Cc: security@FreeBSD.ORG
In-Reply-To: <Pine.SOL.4.02A.9808161809120.13076-100000@banshee.cs.uow.edu.au> from "Nicholas Charles Brawn" at Aug 16, 98 06:22:57 pm
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In some mail from Nicholas Charles Brawn, sie said:
> 
> On Sun, 16 Aug 1998, Darren Reed wrote:
> 
> > 
> > allowing different programs to bind to different IP addresses
> > (on a multi-ip# box) is something inetd does not do and can't
> > handle with packet filters and requires tcpd/fwtk type solution.
> > 
> > however, I think that rather hacking that functionality into
> > inetd, look at xinetd (which already has numerous additions)
> > and leave inetd to be more standard...
> > 
> > 
> 
> However, as others have pointed out before, there is a certain piece of
> mind gained when dealing with nice, neat, smaller programs. There are
> fewer places for things to go wrong:
> root@devel:/tmp/xinetd-2.2.1/xinetd# wc -l *.c |grep total
>    12104 total
> root@devel:/tmp/xinetd-2.2.1/xinetd# cd /usr/src/usr.sbin/inetd/
> root@devel:/usr/src/usr.sbin/inetd# wc -l *.c |grep total
>     1883 total
> root@devel:/usr/src/usr.sbin/inetd#
> 
> In this case, I believe a patch that augments inetd's functionality
> should be incorporated, so long as it is audited first. :)

You're missing the point I was making.

xinetd is basically a collection of augmentations to inetd.  I believe it
is better that such development continue around it rather than pollute inetd.

Otherwise, you'll just find yourself slowly making inetd grow to match what
xinetd is.

Darren

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message