From owner-freebsd-stable Tue Jul 31 22:29:23 2001 Delivered-To: freebsd-stable@freebsd.org Received: from lists.blarg.net (lists.blarg.net [206.124.128.17]) by hub.freebsd.org (Postfix) with ESMTP id 4190437B403; Tue, 31 Jul 2001 22:29:14 -0700 (PDT) (envelope-from coffee@blarg.net) Received: from thig.blarg.net (thig.blarg.net [206.124.128.18]) by lists.blarg.net (Postfix) with ESMTP id DEC50BCF2; Tue, 31 Jul 2001 22:29:13 -0700 (PDT) Received: from paco.blarg.net (trilluser@paco.fatburrito.com [206.124.139.210]) by thig.blarg.net (8.9.3/8.9.3) with ESMTP id WAA00860; Tue, 31 Jul 2001 22:29:13 -0700 Message-Id: <5.1.0.14.0.20010731223153.03b3e370@mail.blarg.net> X-Sender: coffee@mail.blarg.net X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Tue, 31 Jul 2001 22:32:33 -0700 To: "Mike Porter" , "Robert Watson" , From: "Derek C." Subject: Re: Patch to modify default inetd.conf, have sysinstall prompt to edit , inetd.conf Cc: In-Reply-To: <00e501c11a45$f2165520$0300a8c0@laptop> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG So did I... And nobody said anything about disabling SSH... the wording of the email confused me at first, but the services in question were FTP and Telnetd. Derek At 09:53 PM 7/31/2001, Mike Porter wrote: >Somehow I missed the original of this.... > >-----Original Message----- >From: Derek C. >To: Robert Watson ; arch@FreeBSD.ORG >Cc: stable@FreeBSD.ORG >Date: Tuesday, July 31, 2001 9:56 PM >Subject: Re: Patch to modify default inetd.conf, have sysinstall prompt to >edit , inetd.conf > > > >Well, I am a fairly typical uninformed/idiot user, who is getting better > >every day, and I say the documentation is great, and the patch is a great >idea. > > > >Derek > > > >At 08:48 PM 7/31/2001, Robert Watson wrote: > > >[snip the first introductory bits] > > > >>needs. In particular in light of the recent ftpd and telnetd security > >>bugs, it seems like 4.4-RELEASE would be a good time to move to a more > >>conservative default of having both of these services disabled in the base > >>install, as both NetBSD and OpenBSD have moved to doing. > >> >Seems like a pretty good idea to me; although it seems to me that perhaps >disabling SSH by default is overkill; certainly I think that it is a good >idea to disable telnet by default...nearly eveyone who NEEDS it should be >able to add it easily enough...however... > > >[...] > >>concerning enabling and disabling services. It also modifies sysinstall > >>such that enabling inetd in the post-install configuration describes inetd > >>more than previously, mentions the risks, and then also presents the > >>opportunity to edit inetd.conf if inetd is enabled. Also, during the > >>normal install, the user is automatically prompted to enable or disable > >>inetd in much the same style as the NFS server. > >> >[snip the details] >It also seems to me that a better solution than just editing inetd.conf >(especially for novice users) would be a sub-menu, similar to the one used >to enable inetd and NFS and the like, allowing a user to check which >services are desired. Of course, I am not familiar with sysinstall >internals, so I don't know how much work this really entails, its just an >idea. > >mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message