From owner-freebsd-security Thu Jun 26 14:31:33 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id OAA13604 for security-outgoing; Thu, 26 Jun 1997 14:31:33 -0700 (PDT) Received: from ns2.harborcom.net (root@ns2.harborcom.net [206.158.4.4]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA13598 for ; Thu, 26 Jun 1997 14:31:30 -0700 (PDT) Received: from localhost (bradley@localhost) by ns2.harborcom.net (8.8.5/8.8.5) with SMTP id RAA27219; Thu, 26 Jun 1997 17:31:22 -0400 (EDT) Date: Thu, 26 Jun 1997 17:31:22 -0400 (EDT) From: Bradley Dunn X-Sender: bradley@ns2.harborcom.net To: sthaug@nethelp.no cc: freebsd-security@FreeBSD.ORG Subject: Re: SSHD from Inetd In-Reply-To: <4731.867356839@verdi.nethelp.no> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Thu, 26 Jun 1997 sthaug@nethelp.no wrote: > I've been wishing for a few more knobs for just such situations - for > instance a knob to control whether portmap is started or not. I normally > turn off portmap - because I have no use for it, and because portmap has > traditionally had security holes. (I'm confident that the FreeBSD portmap > is better than the old SunOS 4.1.x portmap in this regard, but it could > still have security holes.) Recent rc.conf's have this: portmap_enable="YES" # Run the portmapper service (or NO). portmap_flags="" # Flags to portmap (if enabled). pbd -- You can make it illegal, but you can't make it unpopular.