Date: Wed, 1 Aug 2001 17:54:54 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: John Baldwin <jhb@FreeBSD.org> Cc: Kris Kennaway <kris@obsecurity.org>, stable@FreeBSD.org, arch@FreeBSD.org, Nate Williams <nate@yogotech.com>, "David O'Brien" <obrien@FreeBSD.org> Subject: Re: Disabling portmapper (was Re: Patch to modify default inetd. Message-ID: <Pine.NEB.3.96L.1010801175007.59808Q-100000@fledge.watson.org> In-Reply-To: <XFMail.010801143900.jhb@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 1 Aug 2001, John Baldwin wrote: > > On 01-Aug-01 Kris Kennaway wrote: > > On Wed, Aug 01, 2001 at 12:11:28PM -0700, David O'Brien wrote: > >> On Wed, Aug 01, 2001 at 09:08:29AM -0400, Robert Watson wrote: > >> > I'd be tempted to disable the portmapper (rpcbind in -CURRENT) by default, > >> > allowing it to either be manually enabled, or enabled by virtue of > >> > dependencies (something we already support). > >> > >> It already is disabled in -current since 2000-07-28 22:45:36 > >> portmap_enable="NO" # Run the portmapper service (YES/NO). > > > > But does sysinstall enable it by default? > > For liberal and moderate security, yes. Thus by default it does. It's > only left off for high and fascist security settings. Sadly, I think the "security profile" mechanism has only limited utility. It makes no attempt to match security to the function of the machine, rather, it is an attempt to linearize the application of security restrictions at relatively arbitrary (i.e., developer-defined rather than user-defined) points along an arbitrary scale. If anything, we should have profiles of features, not profiles of security settings in the current form. I.e., "Workstation", "Workstation with Remote Access", ... Enabling portmap should be a function of needing portmap, not a function of a "low" security profile. If the user asks to enable NFS, they should be warned they will incur certain risks, and that this will result in the enabling of certain other services, such as portmap. Likewise, they might be able to specifically enable portmap regardless of NFS, as they might have their own RPC applications, and likewise be warned of the risks and benefits. Because most consumers will only want portmap in the event they're using portmap for NFS or NIS, portmap might not be explicitly prompted for during install by itself, but be available as a config option in the post-install configuration section of sysinstall for manual frobbing. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010801175007.59808Q-100000>