Date: Mon, 22 Jan 1996 23:30:56 -0800 (PST) From: Nathan Lawson <nlawson@statler.csc.calpoly.edu> To: tom@uniserve.com (Tom Samplonius) Cc: security@freebsd.org Subject: Re: Ownership of files/tcp_wrappers port Message-ID: <199601230730.XAA10321@statler.csc.calpoly.edu> In-Reply-To: <Pine.BSF.3.91.960122221256.811B-100000@haven.uniserve.com> from "Tom Samplonius" at Jan 22, 96 10:15:28 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> On Mon, 22 Jan 1996, Nathan Lawson wrote: > > > Secondly, I was wondering why the tcp_wrappers distribution didn't make it > > into the source tree instead of being a port. It's a pretty small program > > that hasn't received too many changes recently. It's very worthwhile and > > libwrap.a can be linked into portmap and ypserv a lot more easily (even > > making this the default, perhaps). > > Personally, I've always considered xinetd to the be the superior > solution to the access control problem, since it doesn't incur the extra > overhead of a fork+exec for every connection. This is a good idea, but I'd still like the libwrap.a or an equivalent library to link ypserv and portmap against by default. I think xinetd is a bit too big and possibly buggy, whereas tcp_wrappers is a bit smaller, but requires some fork overhead. I'd _prefer_ to see tcp_wrappers in the standard dist, with xinetd as a port, but that is my opinion only. Let's not have this distract us from my main point, which is that some kind of access control (whether xinetd or tcp_wrappers) should be installed by default, with easy-to-uncomment rules there for those people that need to get access control done quickly. -- Nate Lawson \Yeah, I was dreaming through the 'howzlife', yawning, car black, Owner: \when she told me 'mad and meaningless as ever...' and a song Cal Poly State \came on the radio like a cemetery rhyme for a million crying University \corpses in their tragedy of respectable existence. - BR
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199601230730.XAA10321>