From owner-cvs-all  Tue Aug 14 20:36:12 2001
Delivered-To: cvs-all@freebsd.org
Received: from rover.village.org (rover.bsdimp.com [204.144.255.66])
	by hub.freebsd.org (Postfix) with ESMTP
	id 0CCE437B406; Tue, 14 Aug 2001 20:36:07 -0700 (PDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.11.3/8.11.3) with ESMTP id f7F3a5q10271;
	Tue, 14 Aug 2001 21:36:06 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1])
	by harmony.village.org (8.11.3/8.11.4) with ESMTP id f7F3a5W20082;
	Tue, 14 Aug 2001 21:36:05 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Message-Id: <200108150336.f7F3a5W20082@harmony.village.org>
To: Greg Lehey <grog@FreeBSD.org>
Subject: Re: cvs commit: src/etc inetd.conf 
Cc: Alexander Langer <alex@big.endian.de>,
	Robert Watson <rwatson@FreeBSD.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
In-reply-to: Your message of "Wed, 15 Aug 2001 10:54:26 +0930."
		<20010815105426.F61413@wantadilla.lemis.com> 
References: <20010815105426.F61413@wantadilla.lemis.com>  <200108020219.f722Jun16596@freefall.freebsd.org> <20010814213312.C22531@zerogravity.kawo2.rwth-aachen.d> 
Date: Tue, 14 Aug 2001 21:36:05 -0600
From: Warner Losh <imp@harmony.village.org>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

In message <20010815105426.F61413@wantadilla.lemis.com> Greg Lehey writes:
: On Tuesday, 14 August 2001 at 21:33:12 +0200, Alexander Langer wrote:
: > Thus spake Robert Watson (rwatson@FreeBSD.org):
: >
: >>   Default to disabling all inetd.conf entries, in particular, telnetd
: >>   and ftpd.  This more conservative default reduces the exposure of
: >
: > Let's disable all other services as well and start advertising
: > FreeBSD with "No remote exploit in the default install since xx months/
: > years", too, as the OpenBSD folks do.
: 
: I think that sounds funny enough in OpenBSD.  We don't want to be
: accused of stealing their slogans too.

Also, there's a catch.  The OpenBSD stuff does have holes in old
releases, so the above really should say "in the latest release at the
time."  OpenBSD 2.8's telnetd has a root hole, for example.

Wanrer

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message