Date: Wed, 01 Aug 2001 14:39:00 -0700 (PDT) From: John Baldwin <jhb@FreeBSD.org> To: Kris Kennaway <kris@obsecurity.org> Cc: stable@FreeBSD.org, arch@FreeBSD.org, Nate Williams <nate@yogotech.com>, Robert Watson <rwatson@FreeBSD.org>, "David O'Brien" <obrien@FreeBSD.org> Subject: Re: Disabling portmapper (was Re: Patch to modify default inetd. Message-ID: <XFMail.010801143900.jhb@FreeBSD.org> In-Reply-To: <20010801144335.C82198@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 01-Aug-01 Kris Kennaway wrote: > On Wed, Aug 01, 2001 at 12:11:28PM -0700, David O'Brien wrote: >> On Wed, Aug 01, 2001 at 09:08:29AM -0400, Robert Watson wrote: >> > I'd be tempted to disable the portmapper (rpcbind in -CURRENT) by default, >> > allowing it to either be manually enabled, or enabled by virtue of >> > dependencies (something we already support). >> >> It already is disabled in -current since 2000-07-28 22:45:36 >> portmap_enable="NO" # Run the portmapper service (YES/NO). > > But does sysinstall enable it by default? For liberal and moderate security, yes. Thus by default it does. It's only left off for high and fascist security settings. -- John Baldwin <jhb@FreeBSD.org> -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.010801143900.jhb>