Date: Fri, 22 Sep 2000 12:22:00 -0600 From: Brett Glass <brett@lariat.org> To: Drew Derbyshire <ahd@kew.com>, freebsd-security@FreeBSD.ORG Subject: Re: sysinstall DOESN'T ASK, dangerous defaults! Message-ID: <4.3.2.7.2.20000922121808.00c7cc30@localhost> In-Reply-To: <39CB4C42.1A59669C@kew.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 06:10 AM 9/22/2000, Drew Derbyshire wrote: >Most people also want a secure system. Don't even get me started about >rlogin/rsh being on by default in /etc/inetd.conf. That's a change that should be committed YESTERDAY. All in favor? >IMHO, many people wouldn't know NFS if it bit them in the nose. I think you are correct. >If an NFS startup is enabled and the associated required portmap server is >not, then a improved RC script can override the setting and start portmap >automatically (with a suitable nasty warning to console and/or log). >Turning in portmap by default because someone MAY want NFS is not suitable. Agree. >Like others, I would prefer mail was left disabled or prompted for: > > 1. Mail running behind a firewall normally has to be reconfigured to work > properly to see the enterprise mail relay. > 2. Mail running on a firewall normally has be reconfigured to work > properly to allow mail from the machines behind it. Ironically, these are some of the very things that Sendmail.com uses to add value to its commercial version of Sendmail. They provide Web-based forms to help set things like this up. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20000922121808.00c7cc30>