From owner-freebsd-stable Wed Aug 1 7: 3:22 2001 Delivered-To: freebsd-stable@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id 8EEE337B401; Wed, 1 Aug 2001 07:03:13 -0700 (PDT) (envelope-from Cy.Schubert@uumail.gov.bc.ca) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id HAA24913; Wed, 1 Aug 2001 07:03:13 -0700 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda24911; Wed Aug 1 07:02:55 2001 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.11.4/8.9.1) id f71E2sc46085; Wed, 1 Aug 2001 07:02:54 -0700 (PDT) Received: from UNKNOWN(10.1.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdb46083; Wed Aug 1 07:02:14 2001 Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.4/8.9.1) id f71E2Dm30982; Wed, 1 Aug 2001 07:02:13 -0700 (PDT) Message-Id: <200108011402.f71E2Dm30982@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdo30977; Wed Aug 1 07:02:03 2001 X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 Reply-To: Cy Schubert - ITSD Open Systems Group From: Cy Schubert - ITSD Open Systems Group X-Sender: schubert To: Robert Watson Cc: arch@FreeBSD.ORG, stable@FreeBSD.ORG Subject: Re: Patch to modify default inetd.conf, have sysinstall prompt to edit , inetd.conf In-reply-to: Your message of "Tue, 31 Jul 2001 23:48:34 EDT." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 01 Aug 2001 07:02:03 -0700 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In message , Robe rt Watson writes: > One of the observations that has been made fairly frequently to me is that > the current default inetd.conf puts many FreeBSD users at risk > unnecessarily, as many of them have moved to using SSH for remote access > needs. In particular in light of the recent ftpd and telnetd security > bugs, it seems like 4.4-RELEASE would be a good time to move to a more > conservative default of having both of these services disabled in the base > install, as both NetBSD and OpenBSD have moved to doing. I think that this is goodness. I have been an advocate of this (actually a less balanced approach -- of which I've seen the light and error of my thinking) for a long time. For that matter one of my biggest pet peeves about RH Linux is that by default it installs everything and enables everything. I think that the approach taken here is a balanced approach and is the correct approach. Services are not removed from the system entirely and can be enabled if needed. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD Ministry of Management Services Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message