Date: Sun, 16 Aug 1998 18:22:57 +1000 (EST) From: Nicholas Charles Brawn <ncb05@uow.edu.au> To: Darren Reed <avalon@coombs.anu.edu.au> Cc: security@FreeBSD.ORG Subject: Re: inetd enhancements (fwd) Message-ID: <Pine.SOL.4.02A.9808161809120.13076-100000@banshee.cs.uow.edu.au> In-Reply-To: <199808160440.VAA29668@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 16 Aug 1998, Darren Reed wrote:
>
> allowing different programs to bind to different IP addresses
> (on a multi-ip# box) is something inetd does not do and can't
> handle with packet filters and requires tcpd/fwtk type solution.
>
> however, I think that rather hacking that functionality into
> inetd, look at xinetd (which already has numerous additions)
> and leave inetd to be more standard...
>
>
However, as others have pointed out before, there is a certain piece of
mind gained when dealing with nice, neat, smaller programs. There are
fewer places for things to go wrong:
root@devel:/tmp/xinetd-2.2.1/xinetd# wc -l *.c |grep total
12104 total
root@devel:/tmp/xinetd-2.2.1/xinetd# cd /usr/src/usr.sbin/inetd/
root@devel:/usr/src/usr.sbin/inetd# wc -l *.c |grep total
1883 total
root@devel:/usr/src/usr.sbin/inetd#
In this case, I believe a patch that augments inetd's functionality
should be incorporated, so long as it is audited first. :)
Nick
--
Email: ncb05@uow.edu.au - http://rabble.uow.edu.au/~nick
Key fingerprint = DE 30 33 D3 16 91 C8 8D A7 F8 70 03 B7 77 1A 2A
"When in doubt, ask someone wiser than yourself..." -unknown
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.4.02A.9808161809120.13076-100000>