From: "Rafter Man"
To: freebsd-questions@FreeBSD.ORG
Date: Mon, 22 Apr 2002 19:08:18 +0800
Subject: [security] Re: Mysterious sshd "starting itself" at bootup

----- Original Message -----
From: "Peter Leftwich"

> It was my understanding that the stuff in /etc/rc.network has some
> dependencies on what the sysadmin has configured IN /etc/rc.conf as there
> are some lines in my /etc/rc.network that say:
>
> case ${sshd_enable} in
> [Yy][Ee][Ss])
>
> And some lines in my /etc/rc.conf that say:
>
> sshd_enable="NO" # Enable sshd
>
> ...which in other words would match the /etc/rc.network stuff above were it:
>
> case ${sshd_enable} in
> [Nn][Oo])

Maybe it is just me, but for security reasons I think that it should only be possible to start services from 1 file/place at bootup. So that in /boot you have a directory for the system bootup files (all of them) and one for user and other (programs and services) bootup files. This way ALL the boot files are in /boot, and services like FTP, SMTP, SSH, HTTP can not be started by system files, but only by user/other files.

Likewise I think that there should be a /etc/services directory with subdirectories like:

/etc/services/ftp

and ALL the configuration files for ftp should be there, but maybe I am the only one who likes it when things are sooooo simple.

I am VERY pleased to see that FreeBSD 5.0 has put some order in the FreeBSD filesystem, but I still think there are too many examples of configuration files not "in place". Meaning that in order to set up (e.g.) sendmail, you have to study which boot files it writes to and where it puts all its own configuration files. Things could be a lot easier if all were in "the right place".

So when you install a service, e.g. sendmail, files go here:

/boot/services/sendmail.sh (if the file is a script then run it)
/etc/service/sendmail/ all sendmail's configuration files
/usr/services/sendmail/ all sendmail's other files.

Or is this just plain dumb?

/rafter