Date: Sat, 7 Oct 2000 11:44:28 -0500 (CDT) From: Mike Meyer <mwm@mired.org> To: Bill Fumerola <billf@chimesnet.com> Cc: freebsd-ports@FreeBSD.org Subject: Re: ports/21814: Inetd's very existence is a security risk. Message-ID: <14815.21228.196822.666136@guru.mired.org> In-Reply-To: <20001007123306.L38472@jade.chc-chimes.com> References: <200010071150.EAA21816@freefall.freebsd.org> <20001007123306.L38472@jade.chc-chimes.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Bill Fumerola writes: > This is getting borderline absurd. If you don't like it don't run it. That may well be the case. Then again - is anything to far for security? Having it not be there means it doesn't get run, ever. > All the other NO_*'s are typically because the program is one that takes > a long time to build(usually with no benefit, see ObjC..), conflicts with other > programs that do the same thing (sendmail, lpr), or are illegal for some of > us to use. So for whom is it illegal to use the suid perl binary? > We dnn't just make them because we hate the very existance of a program[1]. It's not the existence I hate; it's having it running on machines that it shouldn't be running on that bothers me. I'm tired of removing it by hand. I think the PR should be referred to the security officer (or one of his deputies). If they don't think this patch is worth adding, then it should be closed. Thank you for changing the category; I certainly didn't mean to put it in ports. <mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14815.21228.196822.666136>