Date: Mon, 25 Nov 1996 13:47:47 -0800 (PST) From: Brant Katkansky <brantk@atlas.com> To: jgreco@brasil.moneng.mei.com (Joe Greco) Cc: brantk@atlas.com, jgreco@brasil.moneng.mei.com, peter@taronga.com, hackers@freebsd.org Subject: Re: Replacing sendmail Message-ID: <199611252147.NAA13499@itchy.atlas.com> In-Reply-To: <199611252133.PAA15621@brasil.moneng.mei.com> from Joe Greco at "Nov 25, 96 03:33:22 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> > > That extends to other things as well. :-) Anybody want to write a little > > > tool that "knows" how to do this, configurably? Maybe some mtree files > > > plus a little menu widget. > > > > > > A quick inspection reveals that the following files (maybe more) are suid: > > > > [snip] > > > > > It seems to me that many of these are parts of various system "services" > > > (UUCP, LPR, Mail, YP, rcmds). What might be way cool is a program that > > > presents a menu such as > > > > > > System Services > > > --------------- > > > enabled A) Sendmail > > > disabled B) UUCP > > > disabled C) Printing > > > enabled D) IIJ-PPP > > > disabled E) sliplogin > > > > I think this is something I'd be interested in doing. > > > > How 'bout I do it as a command-line util first (cf. pkg_* tools) > > and then wedge in a convenient user interface later? > > That would certainly be appropriate, at least from the point of view of > MTA's, or alternative printing mechanisms. > > pkg_control -disable sendmail > > perhaps, for an install of Qmail, Smail, etc. > > People will argue over whether to simply remove suid bits or to make it > mode 000... How about something like this: pkg_control -safe sendmail # remove s[i|g]id bits pkg_control -disable sendmail # make mode 000 pkg_control [-force] -remove sendmail # remove the executable This much would be simple, I should think. > (This might even help to lay the foundations to start packagizing a lot > of the "base" system components. There is no real reason to have a lot > of this stuff on something like a router. I might like very much to > remove Sendmail, or the LPR stuff, etc., from a router at some point.) It would be (more?) helpful to be able to not install it in the first place, but like you say, little steps first. > But little steps first. ;-) > > If I can offer any advice, please do not hesitate to ask. You might regret it. :) -- Brant Katkansky (brantk@atlas.com) Software Engineer, ADC
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611252147.NAA13499>