Date: Mon, 27 Jul 1998 16:15:59 -0400 (EDT) From: Robert Watson <robert@cyrus.watson.org> To: freebsd-security@FreeBSD.ORG Subject: inetd enhancements (fwd) Message-ID: <Pine.BSF.3.96.980727161523.8094F-100000@fledge.watson.org>
next in thread | raw e-mail | index | archive | help
This seems like security to me -- the binding issue is especially relevant to firewall hosts (multi-homed). Robert N Watson Carnegie Mellon University http://www.cmu.edu/ TIS Labs at Network Associates, Inc. http://www.tis.com/ SafePort Network Services http://www.safeport.com/ robert@fledge.watson.org http://www.watson.org/~robert/ ---------- Forwarded message ---------- Date: Mon, 27 Jul 1998 12:19:56 -0500 From: Jacques Vidrine <n@nectar.com> To: hackers@FreeBSD.ORG Subject: inetd enhancements -----BEGIN PGP SIGNED MESSAGE----- Hi, I'd like to add some functionality to inetd. The two features needed are: * binding selected services to a particular interface * chroot'ing before exec'ing the service I've implemented these features as a port that modifies the stock inetd source: http://www.freebsd.org/~nectar/ports/ninetd.shar http://www.freebsd.org/~nectar/ports/ninetd.tar.gz (the modified inetd gets installed in /usr/local/sbin, and gets its config from /usr/local/etc/inetd.conf, so it shouldn't be too intrusive) I also came across a patch that implements the binding in a different manner: see PR bin/2387. I'd like comments. Jacques Vidrine <n@nectar.com> -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNby2vDeRhT8JRySpAQEzYQQAyWBRkv1lhYxrnT3GUeVSTh1CcUesQdXT nDvIIjO5AlQHXQodH241WZBED3v2fcnjmf5hc5msg3E4H5yx059T7TexG9pHeIXT EiUQe/ZqG6LP2Cs4rN3kGmPIsp1442byE3MmeaNO80VSmhv0olx6r5KV0YR4qVqo FyPgUDxwWcM= =S1bV -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980727161523.8094F-100000>